A new global ransomware campaign has targeted at least 3,800 victims, including hundreds in the U.S., according to crowdsourced data reviewed by European and U.S. cybersecurity officials. A warning has been given.
However, only four of those victims have paid the ransom so far, according to “Ransomwhere,” a platform created by cybersecurity researchers to track ransomware attacks. And to what extent ransomware — which encrypts computers and demands payment — has disrupted the operations of affected organizations, if at all, is unclear.
The attackers are exploiting a 2-year-old vulnerability in widely used software developed by California-based cloud computing giant VMware.
Ransomwhere’s 3,800 victim count covers IP addresses, the unique numbers that identify computers online. The number of affected organizations may be less than 3,800 if multiple IP addresses match the same organization.
Reuters first reported the Ransomwhere data.
Despite arrests and hacking infrastructure takeovers, ransomware remains one of the digital threats to the operation of critical infrastructure such as hospitals and factories. And the problem is compounded by poor security practices.
The latest outbreak occurred because infected organizations left vulnerable software directly exposed to the public Internet, making it easy for cybercriminals to exploit.
French and Italian government agencies warned of the attacks late last week and into the weekend, and now U.S. cybersecurity officials say they are on call to help U.S. victims.
A CISA spokesperson said the federal US Cybersecurity and Infrastructure Security Agency is “working with our public and private sector partners to assess the impact of these reported incidents and provide assistance where needed.” Is.”
Read full article here