Vumacam hit with ransomware attack

Vumacam has confirmed that it was the victim of a ransomware attack, saying a low-priority internal system was breached.

“The breach did not impact critical, personal or sensitive data, was remedied immediately, and we stand firm in our stance that we do not negotiate with criminals or criminal groups,” the company said.

On Friday, ransomware gang Cl0p announced Vumcam as one of its latest victims on its dark web site.

The group’s modus operandi is to breach a system, exfiltrate potentially sensitive files, and encrypt everything on the compromised computer.

It leaves an unencrypted “ransom note” behind on the system warning victims not to try and restore or move files themselves, as it may destroy them.

The extortion demand includes instructions for contacting the group to negotiate payment in exchange for decryption instructions and avoid stolen files being published online.

Should victims refuse to pay, Cl0p posts the stolen data online.

Other institutions Cl0p has targeted in the past include the New South Wales transport authority in Australia, and the University of California in the US.

According to cyber incident response outfit Cypfer, Cl0p’s demands start at around $3,000,000 on average. However, this can fluctuate based on what they think the victim can afford to pay.

Cypfer says negotiations are usually fast, lasting between one to eight days.

However, information security experts have warned that companies should avoid paying these kinds of extortion demands.

“The general advice is not to pay the ransom. By sending your money to cybercriminals you’ll only confirm that ransomware works, and there’s no guarantee you’ll get the decryption key you need in return,” states anti-ransomware project No More Ransom.

No More Ransom is a joint initiative from Europol, the Netherlands police, Kaspersky, and McAfee.

Among other services, it publishes decryption tools for ransomware strains that security researchers have defeated.

Vumacam declined to provide details about the attack or Cl0p’s demands, saying only that the attackers didn’t get their hands on any sensitive data.

“Our systems are designed with multiple layers of security and data segregation, which ensured the breach was contained, and no classified or private data was accessed,” it said.

“Vumacam is constantly vigilant against potential attacks on its systems and regularly tests all external facing systems for risk.”

Vumacam CEO Ricky Croock (pictured) said cybersecurity and data privacy are the utmost priority at the company.

“The breach has not been in any protected or data-sensitive area of our systems. While we condemn the criminality of this event, it is reassuring that our systems are robust and our security measures performed as they should,” Croock said.

Vumacam assured that client and stakeholder information remains safe and secure.

Now read: US concerned that Vumacam uses China-style spying tech — here are the facts

Latest news

Partner Content

Show comments


Share this article
Vumacam hit with ransomware attack