Experts On Clop Ransomware Attacking Retail Giant E-Land

Clop ransomware claimed to have stolen 2 million credit cards from E-Land Retail over a one-year period. E-Land Retail, a subsidiary of E-Land Global, operates numerous retail clothing stores, including New Core and NC Department Store.Last months, E-Land retail shut down number of stores after suffering a CLOP ransomware attack. E-Land Retail assure that this ransomware attack has not affected the customer data which was kept on different server in encrypted form.

Experts Comments

December 04, 2020
Javvad Malik
Security Awareness Advocate
KnowBe4
Ransomware operators no longer lead with encrypting data. Rather, many are taking their time to understand their victim environments, navigating throughout the infrastructure to find valuable information that is worth stealing as well as gaining an understanding of what information is worth encrypting with ransomware, and how much they should charge. If the groups claims are to be believed, they had been inside the network for over a year. This is why it's important for organisations to try.....Read More
Ransomware operators no longer lead with encrypting data. Rather, many are taking their time to understand their victim environments, navigating throughout the infrastructure to find valuable information that is worth stealing as well as gaining an understanding of what information is worth encrypting with ransomware, and how much they should charge. If the groups claims are to be believed, they had been inside the network for over a year. This is why it's important for organisations to try and prevent criminal gangs entering their environment to begin with by having good technical controls such as perimeter controls, patching software, MFA, and security awareness training amongst others. Similarly, it's important to have strong monitoring and threat detection controls in place so that any infiltration can be quickly and reliably detected so that remedial action can be taken.  Read Less
December 04, 2020
Matt Walmsley
EMEA Director
Vectra
This is a timely reminder that Ransomware operators have changed their tactics and become far more targeted. Not only are they performing data theft and public bullying, but they remain active inside an organisation for extended periods prior to detection. In this case, valuable credit card details were stolen from retail Point of Sale systems- such systems are often unable to be covered by end point security software. In situations such as these, the performance and analytical power of AI is .....Read More
This is a timely reminder that Ransomware operators have changed their tactics and become far more targeted. Not only are they performing data theft and public bullying, but they remain active inside an organisation for extended periods prior to detection. In this case, valuable credit card details were stolen from retail Point of Sale systems- such systems are often unable to be covered by end point security software. In situations such as these, the performance and analytical power of AI is needed to detect the subtle indicators of ransomware behaviours and the misuse of privileged credentials from networks and the cloud. This can be done at a speed and scale that humans and traditional signature-based tools simply cannot achieve. Ransomware will continue to be a potent tool in cybercriminals’ arsenals as they attempt to exploit, coerce, and capitalise on organisations’ valuable digital assets. For those looking to transfer the financial risk of ransomware to insurers should also take note that S&P recently predicted a 20-30% hike in cyber insurance premiums, and even some policies containing ransomware specific restrictions. This means the ability to quickly and accurately detect and respond to the early stages of a ransomware operation compromising your systems, will become even more critical.  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.
SUBMIT
Share on facebook
Share on twitter
Share on linkedin

Recent Posts

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts