Ransomware attacks are on the rise, causing organizations to lose millions of dollars, restricting them from accessing their data, and possibly disclosing personal information.
According to the FBI Private Industry Notification, ransomware attackers have recently been taking advantage of flaws in vendor-controlled remote access to casino servers. These attackers have hurt businesses by using legal system management tools to gain more access to the network.
In response to these new activity trends, the FBI advises organizations to take action to strengthen their security posture.
The FBI keeps track of reports of third-party vendors and services being used as a point of attack for ransomware attacks. In particular, between 2022 and 2023, they also noticed ransomware attacks that affected casinos through third-party gaming vendors.
Small and tribal casinos were regularly the target of the attacks, which encrypted servers and the personally identifying information (PII) of employees and patrons.
As of June 2023, the Luna Moth, known as the Silent Ransom Group (SRG), was conducting callbackphishing data theft, and extortion attacks.
Typically, the phishing effort would involve the victim receiving a phone number related to pending charges on their account.
After the victims dialed the number provided, the malicious actors sent them a follow-up email with a link to join a legitimate system management tool.
The threat actors then utilized the management tools to install other legitimate system management tools that can be reused for malicious activity. Once the network shared drives and local files were compromised, the actors stole victim data and extorted the companies.
Ensure your Cyber Resiliance with the recent wave of cyber-attacks targeting the financial services sector. Almost 60% respondents not confident to recover fully from a cyber attack.
The FBI tells network defenders to take the necessary steps to lower the risk of ransomware attacks and to limit the use of common system and network discovery techniques that could be used for bad purposes.
Patch Manager Plus: Automatically Patch over 850 third-party applications quickly – Try Free Trial.
Phishing attackers used Google Docs to deliver malicious links, bypassing security measures and redirecting victims…
The Python-based NodeStealer, a sophisticated info-stealer, has evolved to target new information and employ advanced…
A significant XSS vulnerability was recently uncovered in Microsoft’s Bing.com, potentially allowing attackers to execute…
Meta has announced the removal of over 2 million accounts connected to malicious activities, including…
Critical security vulnerability has been identified in Veritas Enterprise Vault, a widely-used archiving and content…
A critical security vulnerability has been disclosed in the popular file archiving tool 7-Zip, allowing…