1.) According to a recent study, the cost of ransomware attacks on educational institutions is estimated to have crossed $3.58 billion in 2021. The costs stem from the downtime and recovery expenses incurred through the cyber attacks.
The file-encrypting malware attack is said to have affected over 1.3 million students at different schools and colleges.
According to the document released by Comparitech, about 67 ransomware variants hit over 954 schools and colleges last year, affecting over 1.3 million students.
School districts became popular targets for cyber attacks, as many of the educational institutions were operating with obsolete hardware and software.
2.) The Conti ransomware gang, which was rumored to have shut down its operations in May this year, seems to have resumed them. According to a report compiled by the security intelligence firm Group-IB, Conti targeted almost 40 large organizations between April and June.
Group-IB researchers have determined that Conti launched the ransomware attacks as part of a hacking campaign named ARMattack, which was primarily conducted from the first week of April this year.
As per the analysis by the security firm, Conti gang members worked almost 14-15 hours a day, except on New Year's Eve, and took just 3 days to compromise a corporate network. The group also operated like a legitimate business, with members dedicated to R&D, accounts, and customer support, and hired a group of 30-40 money launderers to meet its financial needs.
The R&D members of Conti were assigned the duty of analyzing Windows updates, finding flaws in the patches, and discovering zero-day vulnerabilities that could be exploited later.
The Conti gang occupies second place on the list of cyber criminals most wanted by the FBI, Interpol, Europol, and NCSC.
However, the more arrests law enforcement makes, the more the Conti gang seems to grow.
3.) According to a study conducted by Secureworks, two Chinese hacking groups are conducting espionage under the guise of ransomware attacks. That is, the two groups are using the malware to obscure their tracks and block defenders from launching remediation measures, thus making attribution harder.
Bronze Riverside, aka APT41, and Bronze Starlight, aka APT10, are the two hacking groups that are using Cobalt Strike as a decoy to deploy ransomware strains such as AtomSilo, LockFile, Rook, Night Sky, and Pandora.
Currently, the targets are only companies operating in Japan and North America. But researchers predict that the groups' focus could shift towards the UK, Canada, and Australia.
4.) The fourth item concerns a Japanese firm called Nichirin Flex USA. A ransomware gang targeted the company, which manufactures hoses for car makers, on June 14th of this year.
Since then, the company has been experiencing delays in tracking and processing orders and in distributing them to neighboring nations and overseas.
Nichirin wants employees and clients to be extra vigilant against phishing emails as one or two such emails have reportedly compromised its email network. It has also assured that it will not bow down to the ransom demands of hackers and will instead rely on a data recovery plan.