A look at Darkside ransomware. Ransomware attacks on schools are up. REvil hits Acer. California state employee exposes COVID patient data.

March 22, 2021

Cyberwire

At a glance.

  • A look at the Darkside ransomware gang.
  • FBI warns that ransomware attacks on schools are up.
  • REvil ransomware hits Acer.
  • California state employee exposes Atascadero State Hospital COVID-19 data.
  • Trojan impersonates Clubhouse app.

Take a walk on the Darkside.

After examining several recent campaigns, researchers at Varonis offer an in-depth examination of the techniques of the ransomware group Darkside. Since first emerging as a ransomware-as-a-service (RaaS) operation in 2020, the group has made a name for itself with campaigns that display in-depth knowledge of their victims’ technological weaknesses. Reverse engineering shows that the group avoids attacking Russia-based institutions, and they’ve publicly stated that they steer clear of hospitals, schools, and governments, opting to focus on larger, more lucrative organizations. What makes their operation unique is their focus on stealth strategies, like establishing command and control routed through TOR, deleting log files, and using customized code and connection hosts for each target. Their methods demonstrate the need for organizations to protect themselves by using multi-factor authentication, diligently patching vulnerabilities, and limiting employee access to sensitive data.

Caleb Barlow, CEO of CynergisTek offers commentary on the recent story about a California state employee exposing the COVID-19 test and tracking data of more than two thousand people.

Click here to read the full story.

Previous Video
Welcome To Your Worst Day Ever: A Ransomeware Preparedness Seminar
Welcome To Your Worst Day Ever: A Ransomeware Preparedness Seminar

The threat of a ransomware incident in healthcare looms over the minds of many healthcare, executives and b...

Next Article
Ransomware Attack's Economic Impact: $67 Million
Ransomware Attack's Economic Impact: $67 Million

Marti Arvin discusses ransomware attacks and other disruptive cyber incidents that have been surging in the...