Incendiary cyber attacks
The hacker group has been blackmailing companies from the telecommunications, healthcare and finance sectors for weeks. The attacks on such critical infrastructures are highly dangerous.
Paul Kaffsack, CEO of Myra Security
In recent weeks, Myra Security has repeatedly fended off major attacks on behalf of the hacker group Fancy Lazarus. Again and again we were contacted by companies who were blackmailed in an emergency. The process: the hackers threaten with a DDoS attack and demand ransom in Bitcoin. As a warning, the company is paralyzed with an attack. In case of non-payment, the claim increases and is quickly in the six – to seven-digit range. At the same time, more and more attacks follow. Although we can help attack victims who do not have preventive protection with an emergency setup. But often the damage is already considerable. Myra customers are protected against these attacks.
As IT security specialists, we have been observing the accumulation of this pattern for some time. What is worrying about the current attacks: we see that the targets are mainly from the telecommunications, healthcare and finance sectors. So critical infrastructures that are vital to our society.
** Paul Kaffsack, CEO of Myra Security comments: “The current waves of attacks are unscrupulous and highly aggressive, because they target the lifelines of our society. That’s dangerous.”His appeal to operators of important infrastructures is to protect their companies preventively and comprehensively.
The Myra experts recommend:
- Refuse payment and contact with the extortionists – Who pays becomes a lucrative target. More attacks often follow with more complex attack methods and higher ransom demands.
- Check your infrastructure for vulnerabilities – Are sensitive business processes protected against overload attacks and other attack vectors on all network layers?
- Get professional help -Even in the case of an acute attack, DDoS attacks can be repelled in the shortest possible time by emergency activation.
- Report attacks and extortion attempts – For KRITIS operators, there is also a reporting obligation to the Federal Office for Information Security (BSI).
- Prevention – The best protection is to comprehensively secure digital processes before being attacked-it’s only a matter of time before the attack comes.