Expert Comments

Experts On Clop Ransomware Attacking Retail Giant E-Land

Expert(s):
Expert(s):

Clop ransomware claimed to have stolen 2 million credit cards from E-Land Retail over a one-year period. E-Land Retail, a subsidiary of E-Land Global, operates numerous retail clothing stores, including New Core and NC Department Store.Last months, E-Land retail shut down number of stores after suffering a CLOP ransomware attack. E-Land Retail assure that this ransomware attack has not affected the customer data which was kept on different server in encrypted form.

Experts Comments

Dot Your Expert Comments
Javvad Malik
December 04, 2020
Security Awareness Advocate
KnowBe4

It's important for organisations to try and prevent criminal gangs entering their environment to begin with by having good technical controls.
Ransomware operators no longer lead with encrypting data. Rather, many are taking their time to understand their victim environments, navigating throughout the infrastructure to find valuable information that is worth stealing as well as gaining an understanding of what information is worth encrypting with ransomware, and how much they should charge. If the groups claims are to be believed, they had been inside the network for over a year. This is why it's important for organisations to try.....Read More
Ransomware operators no longer lead with encrypting data. Rather, many are taking their time to understand their victim environments, navigating throughout the infrastructure to find valuable information that is worth stealing as well as gaining an understanding of what information is worth encrypting with ransomware, and how much they should charge. If the groups claims are to be believed, they had been inside the network for over a year. This is why it's important for organisations to try and prevent criminal gangs entering their environment to begin with by having good technical controls such as perimeter controls, patching software, MFA, and security awareness training amongst others. Similarly, it's important to have strong monitoring and threat detection controls in place so that any infiltration can be quickly and reliably detected so that remedial action can be taken.  Read Less
Matt Walmsley
December 04, 2020
EMEA Director
Vectra

This can be done at a speed and scale that humans and traditional signature-based tools simply cannot achieve.
This is a timely reminder that Ransomware operators have changed their tactics and become far more targeted. Not only are they performing data theft and public bullying, but they remain active inside an organisation for extended periods prior to detection. In this case, valuable credit card details were stolen from retail Point of Sale systems- such systems are often unable to be covered by end point security software. In situations such as these, the performance and analytical power of AI is .....Read More
This is a timely reminder that Ransomware operators have changed their tactics and become far more targeted. Not only are they performing data theft and public bullying, but they remain active inside an organisation for extended periods prior to detection. In this case, valuable credit card details were stolen from retail Point of Sale systems- such systems are often unable to be covered by end point security software. In situations such as these, the performance and analytical power of AI is needed to detect the subtle indicators of ransomware behaviours and the misuse of privileged credentials from networks and the cloud. This can be done at a speed and scale that humans and traditional signature-based tools simply cannot achieve. Ransomware will continue to be a potent tool in cybercriminals’ arsenals as they attempt to exploit, coerce, and capitalise on organisations’ valuable digital assets. For those looking to transfer the financial risk of ransomware to insurers should also take note that S&P recently predicted a 20-30% hike in cyber insurance premiums, and even some policies containing ransomware specific restrictions. This means the ability to quickly and accurately detect and respond to the early stages of a ransomware operation compromising your systems, will become even more critical.  Read Less

Dot Your Expert Comments


Only for registered and approved experts. Please register before providing comments. Register here
* By using this form you agree with the storage and handling of your data by this web site.
Submit
0
FacebookTwitterLinkedinWhatsappEmail

You may also like

ObliqueRAT Trojan Lurks On Compromised Websites – Experts Comments

Microsoft Multiple 0-Day Attack – Tenable Comment

Experts Reaction On Malaysia Airlines 9 Years Old Data Breach

IoT Security In The Spotlight, As Research Highlights Alexa Security...

Oxfam Australia Confirms ‘Supporter’ Data Accessed In Cyber Attack

Expert Reaction On Solarwinds Blames Intern For Weak Passwords

Expert Reaction On Go Is Becoming The Language Of Choice...

Experts On Google Voice Outage

Expert Reaction On GCHQ To Use AI In Cyberwarfare

Comment: Hackers Break Into ‘Biochemical Systems’ At Oxford Uni Lab...