fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

FBI: Ransomware Gang Breached 52 US Critical Infrastructure Orgs

FBI: Ransomware Gang Breached 52 US Critical Infrastructure Orgs

The US Federal Bureau of Investigation (FBI) says the Ragnar Locker ransomware gang has breached the networks of at least 52 organizations from multiple US critical infrastructure sectors.

This was revealed in a joint TLP:WHITE flash alert published on Monday in coordination with the Cybersecurity and Infrastructure Security Agency.

“As of January 2022, the FBI has identified at least 52 entities across 10 critical infrastructure sectors affected by RagnarLocker ransomware, including entities in the critical manufacturing, energy, financial services, government, and information technology sectors,” the federal law enforcement agency said [PDF].

“RagnarLocker ransomware actors work as part of a ransomware family, frequently changing obfuscation techniques to avoid detection and prevention.”

Also Read: PDPA Singapore Guidelines: 16 Key Concepts For Your Business

The flash alert focuses on providing indicators of compromise (IOCs) organizations can use to detect and block Ragnar Locker ransomware attacks.

IOCs associated with Ragnar Locker activity include info on attack infrastructure, Bitcoin addresses used to collect ransom demands, and email addresses used by the gang’s operators.

Although the FBI first became aware of Ragnar Locker in April 2020, Ragnar Locker ransomware payloads were first observed in attacks months before, during late December 2019.

Ragnar Locker operators terminate remote management software (e.g., ConnectWise, Kaseya) used by managed service providers (MSPs) to manage clients’ systems remotely on compromised enterprise endpoints.

This allows the threat actors to evade detection and make sure remotely logged-in admins do not interfere with or block the ransomware deployment process.

Request for info linked to Ragnar Locker attacks

The FBI asked admins and security professionals who detect Ragnar Locker activity to share any related information with their local FBI Cyber Squad.

Useful info that would help identify the threat actors behind this ransomware gang includes copies of the ransom notes, ransom demands, malicious activity timelines, payload samples, and more.

The FBI added that it doesn’t encourage paying Ragnar Locker ransoms since victims have no guarantee that paying will prevent leaks of stolen data or future attacks.

Also Read: Data Protection Officer Singapore | 10 FAQs

Instead, ransom payments will further motivate the ransomware gang to target even more victims and incentivizes other cybercrime operations to join in and launch their own ransomware attacks.

However, the federal agency did recognize the damage inflicted to businesses by ransomware attacks, which may force executives to pay ransoms and protect shareholders, customers, or employees.

The FBI also shared mitigation measures to block such attacks and strongly urged victims to report such incidents to their local FBI field office.

Since December, the FBI also revealed that Cuba ransomware compromised the networks of at least 49 US critical infrastructure entities, while the BlackByte ransomware gang hit at least three others.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us