ragnarlocker attacks EKRAN
Incident Date:
June 23, 2022
Overview
Title
ragnarlocker attacks EKRAN
Victim
EKRAN
Attacker
Ragnarlocker
Location
First Reported
June 23, 2022
Ekran System Suffers Ransomware Attack by Ragnarlocker Group
Ekran System, a software company specializing in insider threat protection, has reported a ransomware attack by the Ragnarlocker group. The attack was announced on the dark web leak site of the ransomware group. Ekran System operates in the Software sector and is known for its full-cycle insider risk management platform, which includes monitoring insider activity, controlling access, and responding to incidents.
Company Overview
Ekran System provides a comprehensive solution for managing insider risks, covering each node of an organization's infrastructure and offering insights into user activity while securing critical data and commercial secrets. The company's software is designed to mitigate insider threats, detecting and disrupting any malicious activity, and ensuring that privileged users access only the resources they need for work purposes.
Industry Vulnerabilities
The software industry is a common target for ransomware attacks, as it often handles sensitive data and has a large attack surface due to the widespread use of software applications. Ekran System's focus on insider risk management makes it a valuable target for threat actors seeking to exploit vulnerabilities in third-party vendors or gain access to sensitive data through insider threats.
Mitigation Strategies
To protect against ransomware attacks, organizations should implement best practices such as secure configuration of enterprise software and assets, deploy access control management solutions, leverage user activity monitoring, and manage third-party activities. Ekran System's insider risk management platform can help organizations detect and prevent insider threats at early stages, providing a rich set of capabilities for monitoring, controlling access, and responding to incidents.
The ransomware attack on Ekran System underscores the critical need for robust cybersecurity measures in the software industry. By deploying a comprehensive insider risk management platform and adhering to best practices for securing software and assets, organizations can mitigate their exposure to ransomware and other cyber threats.
Sources
- Ekran System | Insider Threat Protection Software
- The 7 Industries Most Vulnerable to Cyberattacks - Ekran System
- Ransomware Attack - What is it and How Does it Work? - Check Point https://www.checkpoint.com/cyber-hub/threat-prevention/ransomware-attack/
- Top 10 Cyber Security Breaches - Ekran System
- Cyber-attack on ICRC: What We Know https://www.icrc.org/en/document/cyber-attack-icrc-what-we-know
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.