Indiana National Guard hit by ransomware

The Indiana National Guard has posted a notice revealing it has fallen victim to a ransomware attack that compromised identifying information of its personnel.
An anonymous attacker, or group of attackers, reportedly infiltrated a “nonmilitary” server belonging to the National Guard, which contained “identifying information of its personnel,” according to a local publication.
The server contained information on civilian and military Guard members, the report says. An investigation into the breach has led state officials to believe the attack was not targeted.
“As a result of this action we are in the process of notifying personnel that may be affected, and that they should be alert for suspicious activity or fraudulent accounts being opened in their name,” the Guard said in a news release.
The ransomware strain used in the attack is not mentioned. However, a recent spike in ransomware attacks on US infrastructure has brought to light a new ransomware strain in the Troldesh/Crysis family that carries the “Gamma” moniker in its encryption extension. Gamma is essentially a sub-family of the larger Crysis ransomware family.
Analyzing the strain, Bitdefender researchers found Gamma leverages Remote Desktop Protocol (RDP) vulnerabilities and brute-force techniques (on endpoints with weak credentials). However, Troldesh/Crysis ransomware is typically deployed in large, targeted campaigns. If the Indiana State Police is correct about the attack not being targeted, the ransomware that infected the Guard”s systems likely was not a Crysis variant.
tags
Author
Right now
Top posts
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside
June 28, 2022
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online
June 28, 2022
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021
June 22, 2022
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data
May 24, 2022
John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight
April 15, 2022
Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users
April 14, 2022