Expert Comment: Lapsus$ Ransomware Gang

According to reports, the Lapsus$ ransomware gang hit Portugal’s largest TV channel, SIC, last week. The attackers were able to infiltrate SIC’s systems because of a phishing email (possibly sent by an employee). Once they entered the system, they encrypted all of their files and demanded 2 bitcoins for decryption. After receiving payment from SIC, they released all of their data and updated their antivirus software before leaving.

Background: Impresa, the largest media conglomerate in Portugal and the owner of SIC and Expresso, the country’s largest TV channel and weekly newspaper, was hit with a ransomware attack over the New Year holiday, and the attack is currently being used to extort Impresa. All websites for the Impresa group, Expresso, and all the SIC TV channels are currently offline.

Nasser Fattah, Executive Advisor
InfoSec Expert
January 4, 2022 12:36 pm

Company downtime equates to a loss of revenue, in one form or another, which is an immediate byproduct of ransomware. Hence the importance of doing ransomware tabletop exercises to not only best prepare for an attack, but also to engage the business to best understand the financial impact of system outages.

Last edited 5 months ago by Nasser Fattah
Dave Pasirstein, CPO & Head of Engineering
InfoSec Expert
January 4, 2022 12:44 pm

Ransomware is not going away. It’s a lucrative business that is nearly impossible to protect all risk vectors; however, it is made easy by enterprises failing to take enough precautionary steps. Those steps must include: zero trust approaches, active patching, end-point and email protection, employee culture/training/testing, and very strong authentication such as modern MFA, ideally a password-less MFA that is not based on shared-secrets and thus, cannot easily be bypassed by a server compromise.

Last edited 5 months ago by Dave Pasirstein