Home| Fashion Tech Hackathon| Bahrain Center for Human Rights| Movies

Ransomware Group Claims to Have Breached "All of Sony Systems" and is Selling the Data

Home | NWS8

Post on .

A new ransomware group named Ransomed.vc asserts that they have successfully hacked all of Sony's systems, according to various sources. The group, which has been in operation since September, has threatened to sell the data due to Sony's refusal to pay the ransom. Cyber Security Connect reports that the group is allegedly using laws to intimidate victims.

The group has released evidence of hacking which consists of screenshots of an internal login page, a PowerPoint presentation detailing test bench information, and various Java files. Additionally, there is a file directory of the entire leak, which contains fewer than 6,000 files. Cyber Security Connect has referred to this data cache as "small" when compared to the alleged "all of Sony systems" claim.

Sony has commenced an inquiry into the incident; however, the company has not released any official statement regarding the breach nor the effects of Ransomed.vc on the organization. The group has set a "post date" of September 28, 2023, and if no one buys the data, this is expected to be the day when Ransomed.vc will release it en masse.

This is not Sony's first encounter with cyber attacks. In 2011, the company experienced a significant security breach that exposed the personal data of millions of users. The breach led to a class-action lawsuit and a settlement of $15 million.

The Sony cyberattack emphasizes the importance of cybersecurity measures for corporations, especially those dealing with sensitive data. The growing prevalence of ransomware attacks demonstrates their heightened frequency and potential devastation. Companies must take proactive steps to protect their systems and data by implementing strong security protocols, regularly backing up data, and training their staff to identify and address potential threats.

A Ransomware Group Called Ransomed.vc

Ransomed.vc, a ransomware group asserts that it has infiltrated Sony Group and threatens to trade a trove of data stolen from the Japanese corporation. The group has publicized some evidence of the cyber attack, however, it claims that the information is not very persuasive. Additionally, the hackers have published the file tree which comprises less than 6,000 files. Even though the ransomware is said to have targeted "all of Sony systems," Cyber Security Connect describes the number of files as "seemingly small." The group asserts that it offers a "secure solution" for addressing data security vulnerabilities in companies. It also claims strict compliance with GDPR and Data Privacy Laws. The group plans to publish data in cases where payment is not received. Cyber Security Connect reports that the ransomware newcomer has already victimized an impressive number of entities since its recent emergence.

This incident is not the first time that Sony has been the target of a hack. The North Korean-linked hackers targeted the company in 2014, resulting in the delay of a movie about North Korea. The hack also caused network issues and exposed embarrassing internal correspondence and secrets.

Ransomed.vc is utilizing the fear of significant penalties to coerce companies into paying. This tactic is atypical since most ransomware or extortionist groups usually concentrate on encrypting data and asking for ransom for its release, instead of exploiting data protection legislation for economic benefit. Sony has not yet disclosed whether it has been compromised by Ransomed.vc at the time of writing.

The emergence of Ransomed.vc emphasizes the necessity for companies to prioritize cybersecurity and implement strong safeguards to secure their data. It also underscores the significance of having a contingency plan in the event of a ransomware attack or data breach.

Conclusion

In conclusion, the recent ransomware attack on Sony by Ransomed.vc underscores the crucial importance of cybersecurity measures for all businesses. The critical need for corporations to undertake preemptive measures to safeguard their data and systems is highlighted, such as implementing resilient security protocols, frequently creating copies of data, and educating employees to recognize and address potential threats.