Recent ransomware outbreak hits many businesses and government agencies!

Vincent Heinen, Head of Offensive Services (OSCP+, OSCP, OSWP, OSWA)
Updated: October 9, 2024

TL;DR

In early 2019, a wave of ransomware attacks hit both corporations and government agencies. Norwegian aluminum manufacturer Norsk Hydro was struck by LockerGoga in a targeted attack, prompting a switch to manual operations. The British police also fell victim to ransomware, while in Germany the Gandcrab 5.2 strain targeted HR departments by sending malicious macro-embedded Word files in response to real job listings. Emotet remained active as well. Norsk Hydro's transparent crisis communication - including daily webcasts and public Facebook updates - was highlighted as a model response that helped stabilize its share price.

A successful ransomware campaign can throw even giants like Norsk Hydro off the rails. The British police and personnel in this country are currently particularly careful when opening e-mails. All companies have one thing in common: they work with e-mail and are threatened by a current ransomware campaign. We already warned against the Golden Eye ransomware in 2016. However, reports of successful ransomware attacks are currently increasing significantly, although the danger should be more present in people's minds today than in 2016.

Ransomware campaign - currently very successful!

Norsk Hydro, an aluminum manufacturer from Scandinavia, was attacked by the LockerGoga ransomware. It is said to have been a targeted attack, as unique four-digit codes were used. A detailed description of the incident has already been published. One aspect that stands out is Hydro's crisis communication, which was excellent. Webcasts with high-ranking managers were streamed daily, the public was kept up to date via Facebook and the company was switched to "manual operation". As a result of these measures, the company's share price remained relatively unaffected. For the CEO, this was definitely a nightmare start: he had taken up the position the day before the attack.

The police are not safe from ransomware campaigns either

However, Hydro is not the only organization affected by ransomware. The British police also fell victim to a ransomware attack. It is still unclear which type of ransomware was used. Other organizations are also being targeted at the moment. One organization in North Carolina has fallen victim for the third time in five years.

Ransomware wave in Germany

Ransomware campaigns particularly like to target HR departments, since HR staff must always expect incoming e-mail. A proven lure for a ransomware attack is an unsolicited job application. However, the current Gandcrab version 5.2 does something different here: it sends the harmful file attachments in response to job postings that are actually advertised. This is a very perfidious strategy, since HR staff must now pay close attention to whether they execute macros when opening Word files. The macros are used to download the malware. Emotet is also still active in Germany. The CERT association warns on Twitter against e-mails that contain a link to "Open Secure Message". Behind this link lies the Emotet malware.

About the author

Vincent Heinen, Head of Offensive Services

M.Sc. in IT Security with more than 5 years of experience in offensive security analysis. Leads penetration testing engagements, specializing in web applications, network infrastructure, reverse engineering and hardware security. Responsible for several responsible disclosures.