According to data collected by Recorded Future, the number of ransomware attacks targeting schools hit a record high in June, averaging more than one attack per day. There were 37 attacks against schools throughout June, compared to 24 attacks the previous month.
The surge was mostly the work of the Russia-based Clop ransomware group’s use of the vulnerability in the MOVEit file transfer tool.
“Schools were really impacted by the Cl0P MOVEit attacks,” said Allan Liska, a ransomware expert at Recorded Future who is involved in tracking attacks. “Cl0p was responsible for 12 attacks against schools in June — almost one-in-three — and propelled school ransomware attacks to their worst month ever.”
Clop wasn’t the only active group ransomware group in June. Researchers noted that LockBit has been responsible for some of the worst recent attacks, including a major US dental insurance provider with 9 million leaked accounts, a water utility in Portugal, and the significant attack against U.K.’s Royal Mail.
“Clop accounts for a lot of the activity in June, but overall ransomware attacks have just been really bad,” Liska said. “There are more groups going after more targets and it is a never ending barrage of attacks.”
Willy Leichter, PV of Marketing, Cyware said this:
“Like many criminals, cyber attackers like to prey on the most vulnerable and least protected, such as schools, or small healthcare providers. Ransomware attacks on small organizations without robust security teams, or backup practices can be devastating. The bottom line is these groups will often pay ransoms out of necessity to keep their operations intact. As long as the financial incentive remains, ransomware will continue indefinitely.”
Hopefully schools and healthcare providers get the dollars that they need to protect themselves from ransomware attacks. Because there should not be any weak links to allow threat actors to flourish.
Like this:
Like Loading...
Related
This entry was posted on July 11, 2023 at 8:30 am and is filed under Commentary with tags Security. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Ransomware Attacks On Schools Surged In June
According to data collected by Recorded Future, the number of ransomware attacks targeting schools hit a record high in June, averaging more than one attack per day. There were 37 attacks against schools throughout June, compared to 24 attacks the previous month.
The surge was mostly the work of the Russia-based Clop ransomware group’s use of the vulnerability in the MOVEit file transfer tool.
“Schools were really impacted by the Cl0P MOVEit attacks,” said Allan Liska, a ransomware expert at Recorded Future who is involved in tracking attacks. “Cl0p was responsible for 12 attacks against schools in June — almost one-in-three — and propelled school ransomware attacks to their worst month ever.”
Clop wasn’t the only active group ransomware group in June. Researchers noted that LockBit has been responsible for some of the worst recent attacks, including a major US dental insurance provider with 9 million leaked accounts, a water utility in Portugal, and the significant attack against U.K.’s Royal Mail.
“Clop accounts for a lot of the activity in June, but overall ransomware attacks have just been really bad,” Liska said. “There are more groups going after more targets and it is a never ending barrage of attacks.”
Willy Leichter, PV of Marketing, Cyware said this:
“Like many criminals, cyber attackers like to prey on the most vulnerable and least protected, such as schools, or small healthcare providers. Ransomware attacks on small organizations without robust security teams, or backup practices can be devastating. The bottom line is these groups will often pay ransoms out of necessity to keep their operations intact. As long as the financial incentive remains, ransomware will continue indefinitely.”
Hopefully schools and healthcare providers get the dollars that they need to protect themselves from ransomware attacks. Because there should not be any weak links to allow threat actors to flourish.
Share this:
Like this:
Related
This entry was posted on July 11, 2023 at 8:30 am and is filed under Commentary with tags Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.