Apple Reportedly Targeted in $50 Million Ransomware Attack

Cybersecurity

Apple Inc has reportedly suffered a ransomware attack at the hands of REvil operators. The hackers have revealed that the tech company has until 1 May to pay the ransom or risk losing confidential drawings and gigabytes of personal data.

Cybersecurity
Cybersecurity

“Our team is negotiating the sale of large quantities of confidential drawings and gigabytes of personal data with several major brands,” says REvil operators. “We recommend that Apple buy back the available data by May 1.”

According to The Record, the REvil gang asked for a $50 million ransom demand, similar to the sum they requested from laptop maker Acer last month.

Read also:Three Cybersecurity Challenges Triggered by COVID-19 Lockdown

Denis Legezo, Senior Security Researcher for Kaspersky’s Global Research and Analysis Team, says “REvil ransomware has been known since 2019 and it can both encrypt data and steal it. It is distributed on specialised forums “by subscription” (ransomware-as-a-service)”.

Thus, two groups of attackers are involved in the attack: the first finds a breach in the protection of the organisation and injects REvil there and the second creates the malware. After encryption or data theft, a ransom is demanded from the victim. And if successful, it is divided between these groups.

Read also:Why Cybersecurity is Crucial in the Age of Tap-to-Pay

“An interesting feature is that the malware does not start if certain languages are detected when checking the system language and existing keyboard layouts (this is a large set of dozens of layouts), including Russian.”

An attack like this, unfortunately, is not unique. Legezo goes on to say that targeted ransomware attacks on large companies have become quite common, especially over the past few years.

Read also:Appzone to Expand Banking Technology Across Africa With New Funding

“One specific attack, even on an organisation known worldwide, will not change the way things are operated. But we hope that the reaction to this trend will include the introduction of information security events monitoring; complex cybersecurity systems, including for proactive detection of attacks; and enhanced training of employees around cybersecurity rules”.

Kelechi Deca

Kelechi Deca has over two decades of media experience, he has traveled to over 77 countries reporting on multilateral development institutions, international business, trade, travels, culture, and diplomacy. He is also a petrol head with in-depth knowledge of automobiles and the auto industry

How to Protect Organisations from Ransomware Attacks

Cybersecurity

In recent times, the methods cybercriminals use to distribute ransomware has changed dramatically. While a few years ago, they would spread encrypted files on a large scale, today, their ransomware attacks have become more focused.

Cybersecurity
Cybersecurity

Now, fraudsters examine the target in detail and research each target, looking for additional leverage. In order to protect business data from ransomware attacks, experts at Kaspersky recommend these seven tips:

Read also:Airtel Leaves Ghana, Sells Business To Ghanaian Government

Installing only applications obtained from reliable sources from official websites. Always have fresh backup copies of your files, so you can replace them in case they are lost (e.g. due to malware or a broken device). Remember to store them, not only on the physical object but also in the cloud for greater reliability. Make sure you can quickly access them in an emergency. And also pay more attention to digital literacy inside the company. For example, by introducing cybersecurity awareness training for your employees

Read also:Three Cybersecurity Challenges Triggered by COVID-19 Lockdown

Installing all security updates as soon as they are available. Always update your operating system and software to eliminate recent vulnerabilities

Carrying out a cybersecurity audit of your networks and remediating any weaknesses discovered in the perimeter or inside the network. Enabling ransomware protection for all endpoint, and remembering that ransomware is a criminal offence. If you become a victim, never pay the ransom. It won’t guarantee that you will get your data back, but it will encourage criminals to continue their business. Instead, report the incident to your local law enforcement agency.

Kelechi Deca

Kelechi Deca has over two decades of media experience, he has traveled to over 77 countries reporting on multilateral development institutions, international business, trade, travels, culture, and diplomacy. He is also a petrol head with in-depth knowledge of automobiles and the auto industry