Palau denies claims by ransomware gang over recent cyberattack | #ransomware | #cybercrime

The government of Palau denied several new claims by a ransomware gang that the two sides were in contact following an attack last month. 

The DragonForce ransomware gang officially posted Palau to its leak site on Sunday, threatening to publish data stolen from the island-nation’s government in three days. 

The group responded to a Recorded Future News story from last week that outlined Palau’s confusion about the incident. The government found letters from both the LockBit and DragonForce ransomware gangs but were never contacted by either. 

The communication links provided in both ransom notes did not work, according to Palau officials, leading many to believe there may be geopolitical motives behind the incident.

On Sunday, the gang denied that the attack on Palau was for any reason other than financial gain.

“We have nothing to do with political issues. Representatives of this state came to us, but for some reason they did not clarify the information about the leak. In three days, all the data from Palau will be available on our blog. You can find interesting information there,” the gang said, adding that it stole more than 21 GB of data.

Palau dealt with relatively minor outages related to the ransomware attack, which targeted the country’s Ministry of Finance. 

The government took about five days to recover from the attack and had to provide some government workers with paper checks for one pay period. 

Jay Anson, CISO of Palau’s Ministry of Finance, told Recorded Future News that nothing in the ransomware gang’s note is accurate. 

According to Anson, nothing in the files the gang stole was sensitive or important.

“And no one reached out to them nor was there an attempt to contact us to negotiate a ransom beyond the two notes. They’re lying,” he said. 

Anson said the worst case scenario is that the data that was stolen from Palau’s Ministry of Finance will be used to create phishing emails or facilitate business email compromise.

Palau’s government will have to counter those threats through user awareness training, he explained. 

The attack occurred on the same day that officials in Palau held a signing ceremony with the U.S. government — leading some to think it was part of a larger geo-political tug of war between China and the U.S. 

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

Source link


National Cyber Security