Ransomware continues to be the main source of news and the cause of major cybersecurity incidents. JBS Foods, the leading American food company and largest meat producer in the world, was forced to close production at several sites around the world due to a cyberattack. The attack was carried out by the operators of the ransomware REvil.
FujiFilm, a Japanese multinational conglomerate, launched an investigation after it had to shut down part of its IT network in a ransomware cyberattack. Although the company itself does not disclose what ransomware was used in the attack, according to the head of the information security company Advanced Intel Vitaly Kremez, last month FujiFilm networks were infected with the Qbot Trojan. After a difficult situation developed around ransomware in the hacker community in connection with the attack on the Colonial Pipeline, Qbot operators began to actively cooperate with the cyber ransomware group REvil.
Unidentified ransomware operators have launched a cyberattack on the systems of the US Steamship Authority, the legislative regulator for all ferry services between mainland Massachusetts and Martha’s Vineyard and Nantucket. Hackers disrupted ferry service between the mainland and the islands.
The White House has called on business leaders and corporate executives to take ransomware attacks seriously. The White House is calling on all companies to implement the recommendations it recently made in a cybersecurity decree, including system upgrades and network separation to isolate operating portions of networks. The Biden administration also announced this week that it has begun a review of ransomware practices, which includes pressure on countries like Russia to avoid ransomware attacks and analyze the use of cryptocurrency by criminals.
San Diego-based nonprofit healthcare provider Scripps Health reported a ransomware cyberattack. Criminals stole confidential information about patients.
US hospital network UF Health Central Florida has also been the victim of a ransomware cyberattack that forced two hospitals to shut down their IT networks and switch to manual operation.
Live broadcasts for radio and TV channels owned by Cox Media Group, one of the largest media conglomerates in the United States, were interrupted by the attack. Many sources for The Record believe that the cyber incident is related to ransomware.
The US Department of Justice will equate investigations into ransomware cyberattacks with investigations of terrorism. An internal guide sent by the Justice Department to US Attorney’s offices across the country says that information on investigations into ransomware attacks on the ground should be coordinated centrally with a newly formed working group in Washington.
Hackers involved in a cyberattack on the Colonial Pipeline system in the United States used a leaked VPN password. According to Charles Carmakal, senior vice president of Mandiant, one of the employees used the same password for both VPN and other services. The investigation found no signs of phishing.
Security researcher Jakub Kroustek has discovered two new variants of the Dharma ransomware that add the .cnc and.PARTY extensions.
Latvian citizen Alla Witte was accused in the United States of cybercrimes committed in Russia and Belarus, and she faces more than 50 years in prison for attacks on companies from Ohio. The woman is accused of involvement in a group that has committed many cybercrimes, including in Russia, and is also considered to be involved in the development of the Trickbot ransomware.
Catch up on more articles here
Follow us on Twitter here