This year has seen a rise in high profile ransomware attacks, with one of the latest victims being cruise ship operator, Carnival Corporation. The specific ransomware attack used hasn’t been confirmed, but its being reported that a portion of one of Carnival Corporation’s IT systems has been accessed and encrypted by the attackers – putting both staff’s and customer’s personal information at risk.
According to the company’s form 8K filing, they could also still be at further risk. The filing says that the hackers also downloaded multiple data files whilst they were inside Carnival’s systems, this could suggest that they are at risk of a double extortion attack. Traditional ransomware attacks are being taken a step further by several cyber criminal groups, including Maze and ReVIL/Sodinokibi groups. These groups are adding an extra factor to their ransomware attacks by extracting large amounts of sensitive data before encrypting IT systems and then threating to make this data public unless the ransom is paid.
Carnival has said “Promptly upon its detection of the security event, the company launched an investigation and notified law enforcement, and engaged legal counsel and other incident response professionals. While the investigation of the incident is ongoing, the company has implemented a series of containment and remediation measures to address this situation and reinforce the security of its IT systems.”
The attack against Carnival Corporation is just one of a recent string of high-profile ransomware attacks. Another notable attack was against navigation company, Garmin. Reportedly, the attack resulted in Garmin paying the cyber criminals a multi-million-dollar ransom to obtain the decryption key needed to decrypt their files.
Unlike Garmin, digital imaging technology company, Canon refused to negotiate with their attackers after they were also victim to a ransomware attack. In an effort to lure Canon into negotiations, the criminal group behind the attack have released 2.2GB of the data stolen from Canon’s IT systems. The group, known as Maze, claim that this 2.2GB is just 5% of the total stolen data. Although the released data appears to contain just marketing materials, it’s likely that the attackers are holding back more sensitive information to use as leverage against Canon.
It’s now more important that ever to ensure that that you and your business have the correct measures in place, including policies and procedures, to help protect your private and sensitive information from information thieves. Contact QCC today to see how we can help to keep your information safe.