SpearTip | May 27th, 2022

During last year, ransomware intrusions increased 13% globally, according to Verizon‘s 2022 Data Breach Investigations Report. Given the trends and breaches noted in this installment of the “Weekly Ransomware Wrap-Up“, the unfortunate trajectory continues to be upward.

An emerging ransomware variant known as ‘Cheers’ or ‘Cheerscrypt’ has been discovered targeting vulnerable VMware ESXi servers. Recently this particular attack vector has been increasingly targeted by ransomware operators, including LockBit and Hive.

A ransomware attack against the Somerset County, New Jersey government disabled email and other vital services required for official business. Threat researchers indicate this is the 22nd example of a local government being hit by ransomware in 2022.

A new ransomware variant dubbed ‘GoodWill’ requires attack victims to donate clothes, food, or money to charity in exchange for a decryption key. GoodWill ransomware represents a rising threat that pushes political and social causes above financial incentives for decrypting or wiping victims’ data.

Indian airline, SpiceJet, experienced an attempted ransomware attack against its flight operation infrastructure that impacted IT systems and delayed flights. While the attack was said to be thwarted, the investigation and flight delays are ongoing.

Chicago Public Schools reported data from 550,000 students and staff was exposed following a ransomware attack on a 3rd party vendor. Just as MSPs are increasingly targeted for ransomware because they have access to sensitive data from numerous businesses, so too are vendors such as Battelle for Kids, which holds school district data for educational purposes.

As the threat landscape continues to evolve and become more treacherous for businesses and government institutions, it is increasingly vital to partner with a cybersecurity firm like SpearTip to ensure you are not victimized by threat actors.