Ransomware Attack on Zerto Security by Handala Group

Company Profile: Zerto Security

Zerto, a Hewlett Packard Enterprise company, is a prominent player in the field of cloud data management and protection. Founded in 2009, Zerto specializes in providing disaster recovery solutions, data backup, and seamless workload mobility across various cloud platforms such as Microsoft Azure, AWS, and Google Cloud. With over 9,500 customers worldwide and generating more than $300 million in revenue, Zerto is recognized for its innovative approach in simplifying complex data protection challenges and ensuring minimal downtime and data loss.

Details of the Attack

The Handala ransomware group, known for its politically motivated cyberattacks, has recently targeted Zerto, claiming to have compromised 51 terabytes of data. The attack was not only significant in terms of the volume of data affected but also notable for its overt political messaging. Handala described Zerto as a "Zionist cybersecurity company," critiquing its security capabilities and its affiliations. This breach has led to substantial data loss and has raised questions about the robustness of Zerto's cybersecurity measures.

Profile of the Handala Ransomware Group

Handala is a cybercriminal organization with a history of targeting Israeli institutions and their affiliates, driven by a pro-Palestinian agenda. The group employs sophisticated phishing campaigns and multi-stage loading processes for its attacks, often resulting in significant data breaches and operational disruptions for the targeted entities. Handala's tactics include the use of obfuscated scripts and shellcode to evade detection, showcasing their advanced capabilities in cyber warfare.

Potential Vulnerabilities and Entry Points

While specific details of the breach's methodology are not disclosed, it is plausible that Handala exploited vulnerabilities in Zerto's network, possibly through phishing or other forms of social engineering. Given Zerto's role and scale in data protection, the breach underscores the critical need for continuous enhancement of cybersecurity protocols, especially against politically motivated cybercriminal groups like Handala.

Sources

• Zerto - About Us
• Zerto - Company Page
• iZOOlogic - Handala Hack Group Claims
• The Cyber Express - Handala Hacker Group Warns Israel