Large Australian Mining Company Got Struck by ColdLock Ransomware

Cyble’s team has seen a dramatic rise in ransomware-related issues. Like many other cyber threats, ransomware has become more complex and advanced over time. This growing trend has become a big reason for organisations to worry about it. It has been observed that cybercriminals are flexing their muscles and increasing organized crime by targeting a number of enterprises around the globe. For instance, recently a large and well-established Australian mining company got targeted by a group of cybercriminals with a new and fast-growing ransomware family named ColdLock. As per the internal reports, this cyberattack had struck the organisation between the time phase of May 7 and May 8. Similar to ColdLock ransomware’s previous victims, not only the databases and systems of the mining company got hacked but on this instance, their data may have also been extracted by the cybercriminals. On one side where the organisation is trying to recover from the on-going COVID-19 pandemic phase, and this cyberattack has largely disrupted their operations. Currently, the mining company may be undergoing a remediation process to tackle this situation and come out strongly. Due to this, Cyble is not able to release the detailed information of this malicious attack.

As per the information gathered, this ransomware started to attack organisations based in Taiwan only. But now it is slowly and steadily starting to spread itself among organisations outside that region. This ransomware attack is stated to be potentially destructive as it targets and encrypts the databases and email servers of the organisations, which makes it near to impossible for the organisations to decrypt it themselves. By looking at ColdLock ransomware’s growing trend organisations should be cautious and should implement effective security measures to tackle such cyberattacks.

About Cyble:

Cyble Inc.’s mission is to provide organizations with a real-time view of their supply chain cyber threats and risks. Their SaaS-based solution powered by machine learning and human analysis provides organizations’ insights to cyber threats introduced by suppliers and enables them to respond to them faster and more efficiently.

Cyble strives to be a reliable partner/facilitator to its clients allowing them with unprecedented security scoring of suppliers through cyber intelligence sourced from open and closed channels such as OSINT, the dark web and deep web monitoring and passive scanning of internet presence. Furthermore, the intelligence clubbed with machine learning capabilities fused with human analysis also allows clients to gain real-time cyber threat intel and help build better and stronger resilience to cyber breaches and hacks. Due to the nature of the collected data, the company also offer threat intelligence capabilities out-of-box to their subscribers.

Leave a Comment

Your email address will not be published.

%d bloggers like this: