HIVE Ransomware

It has been reported by Europol that international police forces including An Garda Síochána have conducted a successful operation to take down HIVE ransomware.

https://www.europol.europa.eu/media-press/newsroom/news/cybercriminals-stung-hive-infrastructure-shut-down

This group deployed software on a “RaaS” (Ransomware as a Service) basis, where they deployed the malware on behalf of criminal gangs and in the past 18 months managed to attack 1,500 companies and get €100 million in ransomware payments.

What did the Malware do?

The attacks generally took place in 2 steps, where they would perform “data exfiltration”, copying the data to their servers and then would deploy encryption software and encrypt the targets network, making it totally un-useable, this is step 1. The gang would then demand payment, threatening that if payment was not received, the encrypted servers would be permanently deleted and the copied data would be exposed on the dark web for all to see

What can I do to protect against these kind of attacks?

The question is always, “what protections do I have, when I am attacked”, not “what protections do I have, if I am attacked”. The recommendations we suggest are as follows:

1): Software

Use the latest version and most up to date version of applications and stay supported.

2): Backups

Have a back up in place and test it.

3): Training

The best tools are useless, if staff don’t use them, make sure all staff are trained in Data Protection and Information Security.

#ThinkB4UClick

Want to know more?

For more information on Cybersecurity best practice and how to increase awareness, contact us at cybersecurity@lss.ie or +353 1 8226460

Previous
Previous

ISpoof - What Happened?

Next
Next

GDPR and BitLocker