The cybersecurity company named Cygilant has detected and confirmed a ransomware attack on them. The Chief Financial Officer of Cygilant’s also said in a statement that, “aware of a ransomware attack impacting a portion of Cygilant’s technology environment.”
She also added “Our Cyber Defense and Response Center team took immediate and decisive action to stop the progression of the attack. We are working closely with third-party forensic investigators and law enforcement to understand the full nature and impact of the attack. Cygilant is committed to the ongoing security of our network and to continuously strengthening all aspects of our security program”.
Cygilant is believed to be the latest prey of NetWalker, which happens to be a ransomware-as-a-service group, and threatens groups to take access to launch their own attacks, according to the industrial experts.
If the ransom isn’t paid the hackers try to threaten to publish the victim’s files. The file-encrypting malware destroys the files of the victim and takes out all the important data and infiltrates to the hacker’s servers.
A Dark web associated with the NetWalker ransomware group posted some screenshots of their internal network files and directories that are associated with this cybersecurity company Cygilant. The cyber security company did not utter a word that they have paid the ransom. But while writing, the dark web listing the data of Cygilant had disappeared.
Brett Callow said, “Groups permanently delist companies when they’ve paid or, in some cases, temporarily delist them once they’ve agreed to come to the negotiating table, “NetWalker has temporarily delisted pending negotiations in at least one other case.”
Previously in May 2017, another ransomware named WannaCry wreaked havoc after spreading through different computer systems. That particular ransomware started infecting computer’s hard drives and it used to encrypt the stored data, making it impossible for users to access. Later, the attackers demanded a ransom payment in Bitcoin in order to decrypt them.
Also in 2017, another ransomware named Petya also started making news. It also exploited the same flaw as WannaCry. It used to reboot the system after infecting and then it displayed a text mentioning “Repairing file system on C:” and it also warned users not to switch off their computers. However, Petya utilized this time to encrypt the data, and after that the system finally used to reboot again, displaying the ransom demand.