French telecommunications company Orange S.A. has been targeted by a ransomware attack with data stolen.
First reported July 16 by Bleeping Computer, the ransomware attack targeted Orange’s Business Services division, which offers enterprise solutions such as remote support, virtual workstations, system security, cloud backups and cloud hosting.
The ransomware attack came from the Nefilim ransomware group, which is also offering the data stolen from Orange via its data leak site. The name Nefilim is a biblical reference to the sons of God in the Old Testament. The group is also believed to be behind the ransomware attack on Australian logistics provider Toll Group in February.
The Nefilim ransomware was previously said to share similarities to the Nemty 2.5 ransomware, though without the ransomware-as-a-service component. The ransomware was previously noted to spread likely through RDP and uses AES-128 encryption on a victim’s files.
Orange confirmed the ransomware attack, saying that it had been targeted overnight July 4 and into July 5. The company said its security team was “mobilized to identify the origin of the attack and has put in place all necessary solutions required to ensure the security of our systems.” Orange added that data from about 20 customers on its virtual hosting service had been accessed by those behind the ransomware attack, but no other services had been affected. Orange has 266 million customers worldwide.
“This ransomware attack highlights the complexity and far-reaching damage of a business to business data breach,” Mark Bagley, vice president of product at enterprise cybersecurity company AttackIQ Inc., told SiliconANGLE. “The incident not only impacts Orange itself but also the employees and customers of the enterprise customers whose data have been exposed.”
Bagley said it’s not just a matter of whether to pay the ransom. “Data is not just encrypted but actually stolen and often exposed – making these attacks even more detrimental,” he said. “Because of this, it’s important to adopt a proactive and threat-informed approach to security strategy that allows for an organization to know it can thwart ransomware attacks. Additionally, companies should use automated solutions that safely emulate the most common ransomware campaigns and their techniques to avoid falling victim.”
Photo: Wikimedia Commons
Since you’re here …
Show your support for our mission with our one-click subscription to our YouTube channel (below). The more subscribers we have, the more YouTube will suggest relevant enterprise and emerging technology content to you. Thanks!
Support our mission: >>>>>> SUBSCRIBE NOW >>>>>> to our YouTube channel.
… We’d also like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.
If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.
Click here for the original Source.
Get your CompTIA A+, Network+ White Hat-Hacker, Certified Web Intelligence Analyst and more starting at $35 a month. Click here for more details.
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .