Offensive Security

The most successful ransomware attacks – for the year 2019!

The most successful ransomware attacks – for the year 2019!

The data is encrypted, recovery takes a long time, customers are dissatisfied – these were the most successful ransomware attacks for 2019. If large organizations, companies or government agencies are affected by an attack, it can quickly run into millions of dollars.

Norsk Hydro – the aluminium producer from Norway

At the beginning of 2019 it started directly with Norsk Hydro. The incident was reported extensively. The company’s transparency has provided clarity. The Ransomware incident, on the other hand, for rising aluminium prices and the lack of 60 – 73 million USD in the cash register. The company was affected by LockerGoga. The damage also includes the expenses for the restoration. The incident is one of the most spectacular in 2019.

Norsk Hydro was the victim of a ransomware attack in 2019 (source: Bleepingcomputer.com)
Among the most successful ransomware attacks in 2019 is definitely Norsk Hydro

Hospital in Fürstenfeldbruck goes into emergency operation

A hospital near Munich was the victim of a cyber attack in 2019. In the past, several hospitals have already fallen victim to malware. There is no known case in which a cyber attack has led to the death of a person. The Lukas Hospital in Neuss took advantage of the attention to report the incident in detail. Dr. Nicolas Krämer is now a well-known speaker at various events.

Baltimore (USA) – when taxes stop and the water no longer flows

A city in the United States was also the victim of a ransomware attack in 2019. However, this had no effect whatsoever on the price of aluminium – it caused the city’s billing to falter. The 19.05 will not be able to get out of the minds of the inhabitants that quickly. The incident has cost around 18.2 million USD.

You are currently viewing a placeholder content from X. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.

More Information

Frankfurt am Main – after Emotet attack meanwhile online again

Emotet was one of the most successful ransomware pests ever in 2019. The personalized, partially customized emails could only be exposed as false emails with increased vigilance. There was not always enough time in everyday life. The problems that arose not only caused many headaches for IT specialists – downtimes are also expensive for authorities. Patient zero was a single computer in Frankfurt’s Municipal office in Frechenheim.

You are currently viewing a placeholder content from X. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.

More Information

City of New Orleans – when nothing works anymore on 450 servers and 3,500 laptops

One careless moment is enough – that’s what those affected in New Orleans felt. A single phishing mail caused the dreaded Ryuk ransomware to spread – and 3,500 laptops and 450 servers were encrypted. The sum of the cyber insurance has cushioned 3 million USD. The mayoress does not believe that the sum has covered the damages. December 13, 2019 will probably remain unforgotten for the time being.

University Giessen – offline at the end of the year and 38,000 new passwords

The last days of the year are actually quiet. Actually. The Justus-Liebig-University in Gießen (JLU) became victim of ransomware, like Frankfurt a.M., from Emotet. Whoever has the damage does not need to worry about the mockery. Comments like “Unreliable #DigitalDetox (…)” could be read on Twitter. One student could understand the gravity of the situation: “No matter how shitty your Monday is, be glad not to be an IT student at JLU right now”.

You are currently viewing a placeholder content from X. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.

More Information

In the end, about 38,000 passwords had to be reset manually. This caused long queues. Enough time to think about security measures, anyway.

Between September and October it started. Conspicuous data streams attract the attention of specialists. A week later the emergency switch follows – the court’s entire IT system is disconnected from the mains. This means that the court can be reached by telephone, fax and post. A short time later the realization follows: Emotet is at work. Until today it is not completely clear what is affected and to what extent. An incident that gives an idea of what we are facing in 2020: More (very) successful ransomware attacks.

And many more … many of the most successful ransomware attacks have caused millions of damages!

But even if large companies (e.g. Wempe), authorities and organisations are responsible for spectacular cases because a lot of money flows, private households are also constantly affected by ransomware. The big money cannot be earned here, but often the cyber criminals destroy the pictures of the last holidays and put users* in stress. The different scams and methods, e.g. hiding popcorn ransomware or malware in pictures, now reach a large part of the population. The strong reduction of GandCrab is solely due to the fact that the malware has retreated.
It is important to know about ransomware ransom points and tools such as RansomFree or Crypto Sheriff. An effective Ransomware protection is the projectHealbox. Worse and millions of damages could be prevented. Even in private households, hardly anyone can afford a missing backup strategy anymore. Therefore, since the first appearance of ransomware the credo “No backup, no pity” has been valid.

Photo of author

Vincent Reckendrees

Hallo, ich bin Vincent Reckendrees und leite das Team Offensive Services bei der AWARE7 GmbH. In meinem Bachelor und Master Studium habe ich mich auf IT-Sicherheit spezialisiert und BSI zertifizierter IS-Penetrationstester. Meine Leidenschaft gilt Reverse Engineering, Hardware- und Web-Sicherheit. Als Experte für Penetrationstests finde ich Schwachstellen in Systemen und Netzwerken und nutze sie, um realistische Cyberangriffe zu simulieren und Sicherheitsmaßnahmen zu verbessern. Durch Reverse Engineering entdecke ich Fehler und Verbesserungsmöglichkeiten in Software und Hardware. Meine Fähigkeiten in Hardware- und Web-Sicherheit ermöglichen es mir, physische Geräte und Online-Plattformen vor einer Vielzahl von Cyberbedrohungen zu schützen und ihre Integrität und Zuverlässigkeit zu gewährleisten.