Byte-size Bulletins

Organised crime is alarmingly organised

Written by Simon Heath | Apr 28, 2021
 

FatFace paid $2m to recover from an attack on their systems earlier this year.

This unfortunate episode is instructive because it highlights how organised and "professional" such criminal gangs are. It helps us conduct our risk assessments and be strategic about our defences.

The attack started with phishing for credentials, i.e. tricking someone into handing over their login.

Once inside the network, the Conti ransomware gang did their research, including discovering FatFace’s income and level of insurance to negotiate the ransom amount.

They operated a “double extortion” scheme. Not only was data encrypted, it was also stolen so that personal data could be leaked on the Internet. Even if you are in a position to recover data from backup, you still want to pay to avoid the breach of personal data.

In many ways, the Conti gang presents like a professional security service.

  • They focus on certain verticals, to better understand their targets.
  • The gang’s negotiator appears as “Support” in the logs.
  • They offer advice on how they got in.
  • They are interested in preserving their long-term opportunities to extort money: they declare no interest in bankrupting companies and are establishing a reputation for their decryptor tool working reliably once payment is made.

Computer Weekly’s article will help you assess your readiness against such attacks.

Thanks to Sarah Richter from Pixabay for the image.