Threat Watch

Pitney Bowes Hit With Maze Ransomware

The group behind Maze Ransomware has claimed another victim, Pitney Bowes, just seven months after Pitney Bowes was hit by Ryuk ransomware. This attack was first announced on the Maze team’s website in a blog post on May 11th, stating that they’d breached and encrypted Pitney Bowes’ network. The breach was later confirmed by Pitney Bowes.

ANALYST NOTES

Recently, ransomware actors have been stealing sensitive data, naming their victims publicly, and threatening to release private files in order to convince victims to pay the ransom. However, while this scheme seems incredibly damaging to a company’s reputation, Binary Defense still cannot recommend paying the ransom. Ransomware actors sometimes leave a hidden backdoor access method that they can use to access the systems in the future. Additionally, by watching ransomware team’s sites, other ransomware groups can identify potential victim companies that are willing to pay ransoms and have insecure systems, making any company that paid a ransom in the past a new target for other ransomware groups. If it is clear that a company has a firm policy of not negotiating with or paying criminals, it may reduce the likelihood that other ransomware groups will target that company in the future. It is important to have a strong security monitoring program in place to detect computer intrusions at any time of day and respond quickly to cut off attackers’ access before they have the chance to steal sensitive data and encrypt files across multiple servers.

Source:
https://www.zdnet.com/article/package-delivery-giant-pitney-bowes-confirms-second-ransomware-attack-in-7-months/