Dec 11, 2021

Australian govt raises alarm over Conti ransomware attacks

The Australian Cyber Security Centre (ACSC) says Conti ransomware attacks have targeted multiple Australian organizations from various industry verticals since November.
“The ACSC is aware of multiple instances of Australian organisations that have been impacted by Conti ransomware in November and December 2021. This activity has happened across multiple sectors. Victims have received demands for ransom payments,” Australia’s cybersecurity agency warned in a security advisory issued today.
“In addition to the encryption of data and subsequent impact to organisations’ ability to operate as usual, victims have had data stolen during incidents published by the ransomware actors, including Personally Identifiable Information (PII).”
The warning follows a November ransomware attack on the corporate ICT network of Australian electricity provider CS Energy, which local media mistakenly linked to a Chinese-backed hacking group.
However, as CS Energy CEO Andrew Bills revealed, the company didn’t “find indication that the cyber incident was a state-based attack.”
The Conti ransomware gang claimed the attack on November 27, when the Australian energy provider discovered the intrusion. Conti is yet to leak any files stolen from CS Energy.
The ACSC also published a ransomware profile with additional info on the Conti gang, including initial access indicators, targeted sectors, and mitigation measures.
“The threat actors involved in the deployment of the Conti ransomware frequently change attack patterns, and quickly take advantage of newly disclosed vulnerabilities to compromise and operate within networks before network owners are able to apply patches or mitigations,” the agency added.
“Conti affiliates have been observed targeting entities in critical sectors, notably including healthcare organisations. In 2021, Conti claimed to have compromised at least 500 organisations worldwide on their TOR site.”
The ACSC provides mitigations focused on Conti TTPs (Tactics, Techniques, and Procedures), including:
The agency previously warned of an increase in LockBit 2.0 ransomware attacks targeting Australian organizations, starting in July 2021.
Copyright @ 2003 – 2021 Bleeping Computer® LLC – All Rights Reserved