Active Directory domain controllers spreading ransomware: After Brexit, it’s .SaveTheQueen!

By Chandu Gopalakrishnan for SC Media
Friday, February 7, 2020

A minimum of five law firms were held hostage by the Maze group in late January and early February, reported Emsisoft. The total number of organisations held for ransom ranged between 45 and 180 in January, the report added.

“Ransomware tactics are becoming extremely perilous by leaving the victims with no solution other than having to pay the ransom. Previously, most of the ransomware campaigns were merely hindering victims' daily operations, as organisations with daily backups and other important cyber-security processes managed to recover pretty quickly and without many losses,” commented ImmuniWeb founder and CEO Ilia Kolochenko.

“Moreover, some organisations did not even report such incidents to avoid potential fines and lawsuits. Now such incidents have become an invitation to file a class action by the victims and prosecution of careless organisations by competent law enforcement agencies”.

Varonis did not disclose whether the target organisation received a ransom call.

“What’s interesting is that it uses the company’s own Active Directory domain controllers to spread the ransomware within the organisation. Had this slipped under the radar, thousands of machines could've been encrypted due to its fast-spreading nature,” he pointed out.
