Ransomware attack on Big Issue and University of Winnipeg


The Qilin Ransomware group is under scrutiny for breaching the servers of the UK-based newspaper ‘The Big Issue Group.’ Reports indicate that the perpetrators successfully accessed confidential data from the victim and are now holding the entire database hostage, encrypting it until a ransom is paid.

The Big Issue, a newspaper primarily serving the homeless community, is diligently exploring avenues to recover the data. It’s been revealed that the breach may have resulted in the loss of approximately 500GB of critical data, including contracts, partner information, personal data, and financial statements.

Qilin, a file-encrypting malware first identified in 2022, has been associated with hackers behind the dissemination of LockBit, AlphaV, or Black Cat malware. According to Rebecca Moody, Head of Data Research at Comparitech, Qilin infected eight organizations in 2023 alone, with a recent surge of 29 attacks in the past three months.

Notably, Threat Analysis group Group IB characterizes ‘Qilin’ as a ransomware-as-a-service model, available for purchase by third parties based on their attack requirements.

In a separate incident, the University of Winnipeg has been targeted in a cyber attack, leading to the postponement of exams by approximately a week. Instead of commencing on April 11th, 2024, exams will now begin on April 18th, 2024, granting students additional time to prepare.

Insider details from cybersecurity sources reveal that threat actors gained unauthorized access to the university’s computer network, causing server disruptions. In response, authorities shut down select systems to prevent further unauthorized access, data theft, or encryption attempts, indicating a ransomware variant.

Hackers increasingly target educational and healthcare institutions, exploiting vulnerabilities in less fortified networks. Many organizations neglect comprehensive cybersecurity measures due to budgetary constraints or a false sense of security. However, in reality, cybercriminals frequently exploit these inadequately protected networks to steal and monetize data, even if the victim refuses to pay the ransom.

The current cybersecurity landscape underscores that no business is impervious to cyber attacks, and there’s no foolproof software to guarantee network defense. Vigilance, robust security measures, and proactive risk mitigation strategies are imperative in safeguarding against evolving cyber threats.

Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display