{"id":485425,"date":"2023-03-27T10:27:55","date_gmt":"2023-03-27T08:27:55","guid":{"rendered":"https:\/\/mybroadband.co.za\/news\/?p=485425"},"modified":"2023-03-27T10:39:42","modified_gmt":"2023-03-27T08:39:42","slug":"vumacam-hit-with-ransomware-attack","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/security\/485425-vumacam-hit-with-ransomware-attack.html","title":{"rendered":"Vumacam hit with ransomware attack"},"content":{"rendered":"<p>Vumacam has confirmed that it was the victim of a ransomware attack, saying a low-priority internal system was breached.<\/p>\n<p>\u201cThe breach did not impact critical, personal or sensitive data, was remedied immediately, and we stand firm in our stance that we do not negotiate with criminals or criminal groups,\u201d the company said.<\/p>\n<p>On Friday, ransomware gang Cl0p announced Vumcam as one of its latest victims on its dark web site.<\/p>\n<p>The group\u2019s modus operandi is to breach a system, exfiltrate potentially sensitive files, and encrypt everything on the compromised computer.<\/p>\n<p>It leaves an unencrypted \u201cransom note\u201d behind on the system warning victims not to try and restore or move files themselves, as it may destroy them.<\/p>\n<p>The extortion demand includes instructions for contacting the group to negotiate payment in exchange for decryption instructions and avoid stolen files being published online.<\/p>\n<p>Should victims refuse to pay, Cl0p posts the stolen data online.<\/p>\n<p>Other institutions Cl0p has targeted in the past include the New South Wales transport authority in Australia, and the University of California in the US.<\/p>\n<p>According to cyber incident response outfit <strong><a href=\"https:\/\/cypfer.com\/cl0p-clop-ransomware\/\" target=\"_blank\" rel=\"noopener\">Cypfer<\/a><\/strong>, Cl0p\u2019s demands start at around $3,000,000 on average. However, this can fluctuate based on what they think the victim can afford to pay.<\/p>\n<p>Cypfer says negotiations are usually fast, lasting between one to eight days.<\/p>\n<p>However, information security experts have warned that companies should avoid paying these kinds of extortion demands.<\/p>\n<p>\u201cThe general advice is not to pay the ransom. By sending your money to cybercriminals you\u2019ll only confirm that ransomware works, and there\u2019s no guarantee you\u2019ll get the decryption key you need in return,\u201d <strong><a href=\"https:\/\/www.nomoreransom.org\/\" target=\"_blank\" rel=\"noopener\">states<\/a><\/strong> anti-ransomware project No More Ransom.<\/p>\n<p>No More Ransom is a joint initiative from Europol, the Netherlands police, Kaspersky, and McAfee.<\/p>\n<p>Among other services, it publishes decryption tools for ransomware strains that security researchers have defeated.<\/p>\n<p>Vumacam declined to provide details about the attack or Cl0p\u2019s demands, saying only that the attackers didn\u2019t get their hands on any sensitive data.<\/p>\n<p>\u201cOur systems are designed with multiple layers of security and data segregation, which ensured the breach was contained, and no classified or private data was accessed,\u201d it said.<\/p>\n<p>\u201cVumacam is constantly vigilant against potential attacks on its systems and regularly tests all external facing systems for risk.\u201d<\/p>\n<p>Vumacam CEO Ricky Croock (pictured) said cybersecurity and data privacy are the utmost priority at the company.<\/p>\n<p>\u201cThe breach has not been in any protected or data-sensitive area of our systems. While we condemn the criminality of this event, it is reassuring that our systems are robust and our security measures performed as they should,\u201d Croock said.<\/p>\n<p>Vumacam assured that client and stakeholder information remains safe and secure.<\/p>\n<hr \/>\n<h2 class=\"my-4\">Now read:\u00a0<a href=\"https:\/\/mybroadband.co.za\/news\/security\/482273-us-concerned-that-vumacam-uses-china-style-spying-tech-here-are-the-facts.html\">US concerned that Vumacam uses China-style spying tech \u2014 here are the facts<\/a><\/h2>\n","protected":false},"excerpt":{"rendered":"<p>Vumacam assures no critical systems, or personal or sensitive data were compromised.<\/p>\n","protected":false},"author":15,"featured_media":467213,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_sma_x_autopost_status":"idle","_sma_x_autopost_error":"","_sma_x_post_id":"","_sma_x_attempts":0,"footnotes":""},"categories":[27],"tags":[85145,21815,35,85147,30150,67431,57440],"class_list":["post-485425","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-cl0p","tag-europol","tag-headline","tag-no-more-ransom","tag-ransomware","tag-ricky-croock","tag-vumacam"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/485425"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=485425"}],"version-history":[{"count":1,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/485425\/revisions"}],"predecessor-version":[{"id":485429,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/485425\/revisions\/485429"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/467213"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=485425"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=485425"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=485425"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}