CACTUS RANSOMWARE

DailyPost 2704

It has often been said that getting hacked is the new normal. It has slowly gained the status of a truism. Even the best of truisms rarely has real-life examples so frequent and seemingly unending. These are the times we live in. One also gets the feeling that ransomware is here to stay. Yet if we go by the history of crime, it would make us believe that better forms of cybercrime, beating ransomware, will come on to the scene sooner rather than later. We have heard of gangs and mafias infamous for what they do, but ransomware gangs take it to a different level, given the nature, the impact and also the money it generates.

A relatively new and little-known gang, Cactus ransomware has now claimed to have stolen 1.5 TB of Schneider Electric data. Going by reports, it happened on 17th of January 2024, when this gang gained access to the Sustainability Business Division of Schneider. As has become the regular story, 25 MB of allegedly stolen data was leaked on the operation’s dark web leak site as proof. It also had “snapshots showing several American citizens’ passports and NDA document scans.” The amount of the ransom demand is not known.

What is known is that the Cactus ransomware gang is extorting the company, warning that it would leak all the stolen data if the ransom is not paid. This gang is already hitting the ransomware charts and has the dubious distinction of adding over 100 companies to its data leak site. In the present case, it is currently unknown what data has been stolen. The business division breached is likely to hold regulatory and compliance data of high-profile companies worldwide. The data thus stolen could also include sensitive information about customers’ industrial control and automation systems.

Schneider had previously also fallen victim to Clop ransomware’s MOVEit data theft attacks, which have impacted over 2,700 organizations. Suffice to say that no crime in the history of mankind has been as brazen as the ransomware attacks. The booty is put in the public domain and no investigative agency can do anything about it. The way the Dark Web is written about gives us a feeling that it is an open Global Data Chor Bazaar. Going by whatever information is available in the public domain, one gets the feeling that law enforcement, investigative and intelligence agencies are nowhere near the capabilities and firepower of the ransomware gangs. The law has also been left quite far behind. Where to go from here?

RANSOMWARE HAS REDEFINED CYBER CRIME
Sanjay Sahay

Have a nice evening