everest attacks FederalBank/Fedfina.part4
Incident Date:
July 26, 2022
Overview
Title
everest attacks FederalBank/Fedfina.part4
Victim
FederalBank/Fedfina.part4
Attacker
Everest
Location
First Reported
July 26, 2022
Ransomware Attack on FederalBank/Fedfina
FederalBank/Fedfina, a subsidiary of Federal Bank, has been targeted by the ransomware group Everest. The attack was announced on the dark web leak site, and the victim's website is linked. Fedfina operates in the Finance sector and is currently in the process of initiating an Initial Public Offering (IPO).
Company Size and Industry Standout
Federal Bank is a leading private sector bank in India, with a market capitalization of approximately Rs 10,000 crore as of January 12, 2022. The bank has a strong presence in the retail banking segment and has been expanding its footprint in the corporate and investment banking segments.
In the Finance sector, Federal Bank stands out for its focus on digital transformation and customer-centric services. The bank has been investing in technology to enhance its digital capabilities and improve customer experience.
Vulnerabilities and Targeting
Ransomware attacks are a significant threat to the financial sector, as they can disrupt critical operations and expose sensitive information. The attack on Fedfina highlights the need for robust cybersecurity measures to protect against such threats.
The ransomware group Everest exploited a vulnerability in the victim's systems to gain access and deploy the ransomware. The exact nature of the vulnerability is not disclosed, but it is likely that the attackers took advantage of an unpatched software or hardware flaw.
To mitigate the risk of ransomware attacks, banks should implement a defense-in-depth strategy, which includes a combination of security controls such as antivirus/antimalware software, endpoint hardening, and data loss prevention software. Regular patching and vulnerability remediation are also crucial to prevent attackers from exploiting known vulnerabilities.
The ransomware attack on FederalBank/Fedfina underscores the importance of robust cybersecurity measures in the financial sector. Banks must continuously assess their risk management programs and comply with the provisions of their cyber insurance policies to protect against financial losses.
Sources
- Business Insider India: Federal Bank's subsidiary FedFina initiates process for an IPO
- Community Banking Connections: Ransomware: A Multifaceted Menace
- Tripwire: Supply-chain ransomware attack causes outages at over 60 credit unions
- CNN: Ransomware attack causes outages at 60 credit unions, federal agencies
- Cybersecurity Dive: Dozens of credit unions confront outages linked to third-party vendor
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.