July 30, 2020 -Netwalkerransomware attacks are again on the rise, targeting US and foreign health agencies, education entities, private companies, and governments, according to a recent FBI flash alert.Victims were also warned to not pay the ransom demand but to report incidents to the FBI.
The hacking group hasnotoriouslytargetedthe healthcare sector throughout the COVID-19 crisis. A reportin MayshowedNetwalkerhackers were partnering with other cybercriminals to gain access to enterprise networks through aRansomware-as-a-Service (RaaS) model.
Most recently, theUniversity of California San Francisco paid the hackers$1.14 millionto unlock several of its School of Medicine servers after an attack. The group wasalso behind the ransomware attack on theChampaign-UrbanaPublic Health District inIllinois.
According to the alert,Netwalkerhas continued to use the COVID-19pandemic to their advantage. In June, the FBI was notified ofmultiple attacks on those entities and successfully compromising an increasing number of unsuspecting victims.
In the latest attacks, the threat actors gain a foothold onto the network and later encryptall connected Windows-based devices and data to render critical databases, files, and applications inaccessible. Then,Netwalkerwill deploy an embedded configuration that includes a ransom noteand file names, along withvarious configuration options.
Previous attacks used COVID-19 phishing lures able to spread through Visual Basic Scripting (VBS) script that executed when the email was opened by the user. The hackers have also commonly exploited Virtual Private Networks (VPNs), vulnerabilities in web application interface components, andweak credentials used for Remote Desktop Protocol (RDP) connections.
But most commonly, the hackersexploit known vulnerabilities in Pulse Secure VPNs.The Department of Homeland Security Cybersecurity and Infrastructure Security Agency warned threat actors were targeting those flawsin April, even if the organization had applied the patch.
Once an infiltrated a network withNetwalker, a combination of malicious programs may be executed to harvest administrator credentials, steal valuable data, and encrypt user files, the FBI warned. In order to encrypt the user files on the victim network, the actors typically launch a malicious PowerShellscript embedded with theNetwalkerransomware executable.
Actors usingNetwalkerhave previously uploaded stolen data to the cloudstorage and file sharing service, MEGA.NZ, by uploading data through the MEGA website or by installing the MEGA client application directly on a victims computer, they added.
The group transitioned from uploading and releasing stolen data on MEGA to another file sharing service in June. Double extortion was first made popular byMazeransomware hackers, but other attackers includingNetwalker soonfollowed suit.
The FBI does not encourage victims to pay the ransom, which may embolden cybercriminals to target additional organizationsor encourage other hackers to leverage ransomware, as well. Paying the ransom demand also does not guarantee the hackers will unlock the files.
And notably, someransomwareattacks have been known to causedata loss.
The FBI provided organizations with some key mitigations, including backing up critical data offline, ensuring copies of critical data are stored in the cloud or on an external hard driveor storage device.
Organizations should also secure backups, ensuring data is inaccessible to modification or deletion from the system. Anti-virus or anti-malware software should be installed and regularly updated on all hosts, while organizations should only use secure networks.
The agency also recommended organizations install and use a VPN, as well as two-factor authentication with strong passwords. Computers, devices, and applications must be routinely patched and keptup-to-date.
- Could Snowflake Rival Amazon in Cloud Storage and Services? Here's What You Need to Know About the New So - Tech Times - September 15th, 2020
- How Cloud Computing Can Deal With Lightning Strikes and Hackers - Carnegie Endowment for International Peace - September 15th, 2020
- How to approach IT logging in the cloud vs. on premises - TechTarget - September 15th, 2020
- This lifetime web hosting subscription comes with up to 1TB of storage - Mashable - September 15th, 2020
- Keep It in the Cloud! Best Cloud Storage Systems of 2020 - iDrop News - September 6th, 2020
- Impact of COVID-19 on Cloud Storage Software Market 2025 Expected to reach Highest CAGR including major key players Amazon Web Services, Microsoft,... - September 6th, 2020
- Facebook adds cloud storage providers Dropbox and Koofr to its photo and video portability tool - Digital Information World - September 6th, 2020
- Cloud storages you need to know - The Star, Kenya - September 6th, 2020
- How COVID-19 is Impacting the Consumer Cloud Storage Services Market by Industry Analysis, by Type, Application and Top Players:Apple, Google, Box,... - September 6th, 2020
- Cloud Storage Gateway Market to Witness Stunning Growth by 2027; Key Players are Riverbed Technology, SoftNAS, Inc., Oracle, Microsoft, Nasuni... - September 6th, 2020
- COVID-19 Is Driving a Cloud Computing Surge That Will Only Continue | Opinion - Newsweek - September 6th, 2020
- Asia Pacific Personal Cloud Market Industry Analysis and Market Forecast (2019-2026) _ Hosted Types, Revenues, User Type, and Geography. - Galus... - September 6th, 2020
- Amazon's Blink Unveils New Wireless Security Cameras with HD Video, Flexible Storage Options, and New Battery Expansion Pack Cameras Start at $79.99... - September 2nd, 2020
- Cloud Storage Software Market Will Raise Beyond Imagination over Period 2025 | Microsoft, Oracle, Rackspace Hosting, Red Hat, IBM - Scientect - September 2nd, 2020
- Stand Alone Cloud Storage Market Current Industry Size and Future Prospective with Key Players, Drivers and Trends - The Daily Chronicle - September 2nd, 2020
- Media And Entertainment Storage TAM To Exceed $16B By 2025 - Forbes - September 2nd, 2020
- The Launching Ceremony for XnMatrix Wrapped Up, the Next Generation of Cloud Computing Eco-System Sets Sail - PRNewswire - September 2nd, 2020
- Why not open our own Container Registry, muses GitHub as it gives orgs a hand at resource-sharing DEVCLASS - DevClass - September 2nd, 2020
- Sharing responsibility: Why we need to work together to keep the cloud secure - ComputerWeekly.com - September 2nd, 2020
- Data breach exposes tens of thousands of NSW drivers licences online - ABC News - September 2nd, 2020
- 10 Key Takeaways From NetApp CEO George Kurian: Cloud, Coronavirus And Growth - CRN: Technology news for channel partners and solution providers - September 2nd, 2020
- Responding to Cloud Misconfigurations with Security Automation and Common-Sense Tips - Security Boulevard - September 2nd, 2020
- How to Prepare for the Next Time the Cloud Goes Down - Gizmodo - September 2nd, 2020
- Demand for Consumer Cloud Storage Services Market from Major End-use Sectors to Increase in the Near Future - The Scarlet - August 29th, 2020
- Prevent the storage and data security risks of remote work - TechTarget - August 29th, 2020
- Samsung kills Gallery Sync and Drive support in favor of OneDrive - Android Central - August 29th, 2020
- 4 great Android apps to edit the perfect photo - Phandroid - News for Android - August 29th, 2020
- Google Cloud and STS to Automate US Navy Maintenance Inspections Using AI and ML Technology - PRNewswire - August 29th, 2020
- New innovative report on Cloud Storage Gateway Market Future Growth Analysis, Business Demand and Opportunities to 2027 - The Scarlet - August 29th, 2020
- Global Cloud Based Storage Market 2020 Industry Outlook, Comprehensive Insights, Growth and Forecast 2026 - Good Night, Good Hockey - August 29th, 2020
- In quest to go paperless (and save money), Mizuho to start charging for bank books - Japan Today - August 29th, 2020
- NetApp posts strong Q1, plots big re-organisation Blocks and Files - Blocks and Files - August 29th, 2020
- The Handiest Video Doorbells to Remotely Test Who's At your Doorstep - Herald Planet - August 29th, 2020
- Explore the best free cloud backup services on the market - TechTarget - August 26th, 2020
- Integrated Media Technologies Joins the Active Archive Alliance - Sports Video Group - August 26th, 2020
- Storj Labs and FileZilla Collaborate to Offer Secure File Storage in the Remote Work Era - Database Trends and Applications - August 26th, 2020
- Cloud Compliance Frameworks: What You Need to Know - Security Boulevard - August 26th, 2020
- Reevert Unveils Advanced Tools to Enhance Network Security and Efficiency for Remote Workforces - PRNewswire - August 26th, 2020
- Enhancing Network Visibility for SD-WAN in the Era of Cloud and SaaS - The Fast Mode - August 26th, 2020
- Where to Back Up Your Smartphone Photos Online (and Why You Should) - Lifehacker - August 24th, 2020
- NordLocker encryption heads to the cloud - IT PRO - August 24th, 2020
- What Is the OneDrive File Size Limit? Microsoft's 2020 Updates - Cloudwards - August 24th, 2020
- A Security Flaw In 'Manage Versions' Feature Of Google Drive Could Allow Malware Attackers Trick Victims Into Installing Rogue Code - Digital... - August 24th, 2020
- Medical Image Cloud Market Expected to Witness High Growth over the Forecast Period 2020 2025 - The Daily Chronicle - August 24th, 2020
- What Is OneDrive? A 2020 Guide to Microsoft's Cloud Storage - Cloudwards - August 20th, 2020
- Stand Alone Cloud Storage Market Growth, Industry Verticals and Forecast to 2026 - Scientect - August 20th, 2020
- Outlook on the Healthcare Data Storage Global Market to 2026 - Opportunity Analysis for New Entrants - ResearchAndMarkets.com - Business Wire - August 20th, 2020
- Personal Cloud Storage Market by Top Manufacturers with Production, Price, Revenue (value) and Market Share to 2026 - The Daily Chronicle - August 16th, 2020
- Pure Storage and Cohesity in Partnership to Deliver Rapid Recovery at Scale - insideHPC - August 16th, 2020
- Cloud Storage Systems Market Analysis, Size, Regional Outlook, Competitive Strategies and Forecasts to 2025 - eRealty Express - August 16th, 2020
- Cloud Storage Market Size by Top Companies, Regions, Types and Application, End Users and Forecast to 2027 - Bulletin Line - August 16th, 2020
- How to install the Seafile cloud storage solution on Ubuntu Server 20.04 - TechRepublic - July 31st, 2020
- Five on-premise and cloud options for network-attached storage - ComputerWeekly.com - July 31st, 2020
- Want to back up the worlds largest SSD? Use this 100TB cloud storage - TechRadar - July 31st, 2020
- 4 reasons why Tresorit is the best cloud storage service - Tech Advisor - July 31st, 2020
- Cloud Technologies Your Business Needs in 2020 - The Seeker - July 31st, 2020
- The entire Netflix movie archive will fit on this 90PB storage system - TechRadar - July 31st, 2020
- Student discounts: the best offers in 2020 - Creative Bloq - July 31st, 2020
- Cloud Storage Market to Grow at a CAGR of 21.9% from 2020 to 2027 to Reach $222 Billion by 2027 - PRNewswire - July 23rd, 2020
- Google Cloud Claims Another Win With Box Partnership - Forbes - July 23rd, 2020
- Stand Alone Cloud Storage Market Size, Share, Growth Rate, Revenue, Applications, Industry Demand & Forecast to 2025 - 3rd Watch News - July 23rd, 2020
- Global Enterprise Cloud Storage Market 2020 by Company, Regions, Type and Application, Forecast to 2025 - Cole of Duty - July 23rd, 2020
- Stand Alone Cloud Storage Market: The Development Strategies Adopted By Major Key Players And To Understand The Competitive Scenario - 3rd Watch News - July 23rd, 2020
- BitDam Advanced Threat Protection now available on Microsoft Azure Marketplace - Help Net Security - July 23rd, 2020
- Nexsan Unity taps into cloud and Assureon archive - TechTarget - July 23rd, 2020
- IPVanish July sale: three months of VPN cover for the price of one with this deal - Tom's Guide UK - July 23rd, 2020
- Commvault integrates Hedvig with HyperScale X appliance Blocks and Files - Blocks and Files - July 23rd, 2020
- Q&A: Sophos poll shows how attackers are taking advantage of cloud migration to wreak havoc - Security Boulevard - July 23rd, 2020
- Life After COVID 19: E-Discovery Considerations for Attorneys and Clients - JD Supra - July 23rd, 2020
- 4 Ways to Advance Your Tech Without Sacrificing Security - Security Boulevard - July 7th, 2020
- Cloud Storage Market Is expected to Witness Significant Growth between 2020 to 2028| Top Key Players- AWS, IBM, Microsoft, Google, Oracle, HPE - Owned - July 7th, 2020
- Software-defined storage: It's a Thing Blocks and Files - Blocks and Files - July 7th, 2020
- Microsoft takes legal action against COVID-19-related cybercrime - Microsoft on the Issues - Microsoft - July 7th, 2020
- How Vodafone is helping MSMEs gear up for their business revival - YourStory - July 7th, 2020
- IP Video Surveillance And VSaaS Market Growth Analysis By Manufacturers, Regions, Types and Application Forecast - Apsters News - July 7th, 2020
- Alternatives to banned apps Shareit and Xender for file transfer - Digit - July 4th, 2020
- I Don't Care How Great These OneDrive Improvements Are, I'm Not Using It - Gizmodo UK - July 4th, 2020
- Cloud Based Storage Market with Report In Depth Industry Analysis on Trends, Growth, Opportunities and Forecast till 2024 - AlgosOnline - July 4th, 2020
- Global Cloud Storage Software Market 2020, Analysis by Growing Demand, Types, Application, Top Trends, User-Demand and Opportunities Assessment till... - July 4th, 2020
- Cloud Robotics Market to Grow at Robust CAGR in the COVID-19 - Kentucky Journal 24 - July 4th, 2020