CIO News Hubb
Advertisement
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact
No Result
View All Result
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact
No Result
View All Result
CIO News Hubb
No Result
View All Result
Home Information Security

Vice Society Ransomware Attackers Targeted Dozens of Schools in 2022

admin by admin
December 7, 2022
in Information Security


Dec 07, 2022Ravie LakshmananCyber Crime / Ransomware

The Vice Society cybercrime group has disproportionately targeted educational institutions, accounting for 33 victims in 2022 and surpassing other ransomware families like LockBit, BlackCat, BianLian, and Hive.

Other prominent industry verticals targeted include healthcare, governments, manufacturing, retail, and legal services, according to an analysis of leak site data by Palo Alto Networks Unit 42.

The cybersecurity company called Vice Society one of the “most impactful ransomware gangs of 2022.”

CyberSecurity

Of the 100 organizations impacted in total, 35 cases have been reported from the U.S., followed by 18 in the U.K., seven in Spain, six each in Brazil and France, four each in Germany and Italy, and three cases in Australia.

Active since May 2021, Vice Society stands apart from other ransomware crews in that it does not use a ransomware variant of its own, rather relying on pre-existing ransomware binaries such as HelloKitty and Zeppelin that are sold on underground forums.

Vice Society Ransomware

Microsoft, which is tracking the activity under the name DEV-0832, said the group avoids deploying ransomware in some cases and carries out extortion using exfiltrated stolen data.

Vice Society Ransomware

The operators have been observed obtaining initial network access through compromised credentials by leveraging internet-facing applications, in addition to abusing known security flaws to escalate privileges.

Unit 42’s incident response efforts show that the group has a dwell time of six days in the victims’ environments and that the initial ransom amounts could exceed $1 million – a figure that may drop by as much as 60% post negotiations to $460,000.

“School districts with limited cybersecurity capabilities and constrained resources are often the most vulnerable to threat actors,” Unit 42 researcher JR Gumarin said.

“Vice Society and its consistent targeting of the education industry vertical, particularly around the September time frame, serves as a warning that this group has shaped their campaigns to take advantage of the school year in the U.S.”

Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.





Source link

Tags: computer securitycyber attackscyber newscyber security newscyber security news todaycyber security updatescyber updatesdata breachhacker newshacking newshow to hackinformation securitynetwork securityransomware malwaresoftware vulnerabilitythe hacker news
Previous Post

How to secure your SaaS tenant data in DynamoDB with ABAC and client-side encryption

Next Post

Initiateinnovativeleadershipviablogging

Related Posts

Information Security

New Android Banking Trojan Targeting Brazilian Financial Institutions

by admin
February 4, 2023
Information Security

Fall 2022 PCI DSS report available with six services added to compliance scope

by admin
February 4, 2023
Information Security

Is Your EV Charging Station Safe? New Security Vulnerabilities Uncovered

by admin
February 3, 2023
Information Security

How to improve security incident investigations using Amazon Detective finding groups

by admin
February 3, 2023
Information Security

New Russian-Backed Gamaredon’s Spyware Variants Targeting Ukrainian Authorities

by admin
February 2, 2023
Next Post

Initiateinnovativeleadershipviablogging

Recommended

Initiativesofreinvention

February 4, 2023

New Android Banking Trojan Targeting Brazilian Financial Institutions

February 4, 2023

Fall 2022 PCI DSS report available with six services added to compliance scope

February 4, 2023

Initiativesofnonlinearity ~ Future of CIO

February 3, 2023

Is Your EV Charging Station Safe? New Security Vulnerabilities Uncovered

February 3, 2023

How to improve security incident investigations using Amazon Detective finding groups

February 3, 2023

© 2022 CIO News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy and Terms & Conditions.

Navigate Site

  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact

Newsletter Sign Up

No Result
View All Result
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact

© 2022 CIO News Hubb All rights reserved.