Russia-based cyber gang claims massive hack

A notorious Russia-based cybercrime gang (‘Clop’) is threatening to publish data stolen from “hundreds” of organisations this Wednesday (14 June), unless the victims start ransom negotiations beforehand.

For its attack, Clop (again) exploited a vulnerability in a popular file transfer platform.

So its list of victims is long and getting longer. It includes the BBC, British Airways, Canada’s Nova Scotia province, the US state of Illinois, and more.

Intrigue’s take: Meanwhile, the list of options for victims is grimly short:

  • Refuse to pay, and watch reams of your data go public, or
  • Pay the ransom, but embolden cyber criminals in the process.

For everyone else, the lesson is clear and getting clearer: yes, cybersecurity is expensive. But not having it is even costlier.

Also worth noting:

  • Clop issued instructions to victims via a blog post. It’s possible the sheer number of victims made individual ransom emails impractical.
  • Clop conducted its attack over the Memorial Day weekend. Hackers often attack during holidays when staffing is reduced.