SpearTip | August 26th, 2022

This ‘Weekly Ransomware Wrap-Up’ serves as yet another reminder that threat actors are active around the globe searching for opportunities and launching attacks designed to devastate the victims in exchange for financial gain. The best response to such news is to harden your security posture so these threat operations cannot gain a foothold within your environment.

Quantum ransomware perpetrated an attack against the Dominican Republic government, impacting servers and encrypting data within its Ministry of Agriculture. A ransom demand of approximately $650,000 was set in exchange for the allegedly stolen data and decryption key.

The largest natural gas distributor in Greece, DESFA, experienced system outages following a ransomware attack on its critical infrastructure. The Ragnar Locker operation accepts responsibility for the attack and alleges to possess sensitive data files.

A leading technology provider for the world’s largest airlines, India-based Accelya, had sensitive data stolen and its systems disrupted by BlackCat/ALPHV ransomware. In an attempt to extort its victims, BlackCat operators posted some of the stolen data on its leak site.

Just as students around the country are heading back to school, Mansfield, Texas Independent School District (ISD) was victimized by ransomware that knocked all internet-connected systems offline. The extent of the breach, including whether or not personal data was stolen, is yet unclear.

1,000-bed French Hospital, Center Hospitalier Sud Francilien (CHSF), has been forced to refer patients elsewhere for treatment after a ransomware attack likely perpetrated by LockBit. The threat group is demanding a $10M ransom in exchange for a decryption key that can assist in restoring systems.

At SpearTip, we provide comprehensive solutions for the ransomware problem with our ShadowSpear Platform, an integrable security tool powered by with a 24/7 SOC staffed with certified engineers continuously engaged in cyber threat hunting. With an industry-leading incident response time, we assist organizations in eliminating downtime and protecting their business-critical data from malicious threat actors and ransomware.  

If your company is experiencing a breach, call our Security Operations Centers at 833.997.7327 to speak directly with an engineer.