Cybersecurity Experts On Medical And Military Contractor Kimchuk Hit By Data-stealing Ransomware

By   ISBuzz Team
Writer , Information Security Buzz | Mar 27, 2020 02:07 am PST

It has been reported that Kimchuk, a medical and military electronics maker, has been hit by data-stealing ransomware. The manufacturer, which builds electronics for medical equipment, telecoms systems and energy grids, also makes nuclear modules for the Navy, work that often requires security clearance. Its systems were infected and knocked offline earlier this month by DoppelPaymer, a newer strain of ransomware that exfiltrates data out of an infected network before encrypting user files. If a victim doesn’t pay the ransom to decrypt their files, the DoppelPaymer group will begin publishing the contents of their victim’s network. When the company did not pay, the hackers began publishing portions of Kimchuk’s network. The files included the company’s payroll records, broker approvals and purchase orders. None of the files we reviewed contained information marked as classified. But several documents contained order details of one of its customers’ nuclear divisions.