Ransomware Attack on Chuo System Service Co., Ltd
Incident Date:
May 16, 2024
Overview
Title
Ransomware Attack on Chuo System Service Co., Ltd
Victim
Chuo System Service Co.,Ltd
Attacker
Ransomhub
Location
First Reported
May 16, 2024
Ransomware Attack on Chuo System Service Co., Ltd
Victim Overview
Chuo System Service Co., Ltd, also known as CSS, is a company operating in the Business Services sector in Japan. They provide services such as system development, cloud services, and IT solutions to address customers' business challenges. The company is dedicated to achieving 120% customer satisfaction and emphasizes a fair and supportive internal environment for employees to excel.
Company Profile
The company stands out in the industry for its focus on customer satisfaction and commitment to exceeding customer expectations. The company operates in various business areas that support daily life and is known for its professionalism in delivering results.
Attack Overview
The company recently fell victim to a cyberattack carried out by the ransomware group RansomHub. The attack involved the use of ransomware as the primary technique, targeting the company's website. Approximately 20 GB of data was exfiltrated in the attack, posing significant risks to the company's security and confidentiality.
Ransomware Group - RansomHub
RansomHub is a new ransomware group that has emerged in the cyber threat landscape, distinguishing itself by making claims and backing them up with data leaks. The group operates as a Ransomware-as-a-Service (RaaS) group, with affiliates receiving 90% of the ransom money. RansomHub has targeted various countries without following a specific pattern and has roots in Russia.
How the Attack Penetrated
RansomHub's ransomware strains are written in Golang, a relatively new trend in the ransomware world. This language choice may indicate a step towards future trends in ransomware attacks. The group's operations resemble a traditional Russian ransomware setup, and they have targeted a wide range of industries, including healthcare-related institutions.
Sources:
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.