Researchers Exploit Conti Data Leak to Analyze APJ Ransomware Attacks

December 23, 2022

A recent report from cybersecurity firm Akamai examines a pattern of ransomware attacks in the Asia-Pacific and Japan (APJ) region. Researchers took advantage of a recent document leak from major ransomware-as-a-service outfit Conti to paint a picture of that organization’s methods, attack patterns by country, and average ill-gotten gains per attack. India’s NewsPatrolling discusses the findings in, “Akamai APJ Ransomware Report H1 2022—Summary.” Writer Mahender emphasizes the leaked data does not include all of Conti’s attempted attacks. We learn:

“[Akamai’s] analysis of the vertical distribution of attacks revealed that business services was the top victimized industry in APJ. Successful attacks on this vertical can be concerning because of the risk of supply chain cyber attacks. Cybercriminals could breach a third party, such as business services companies, to gain a foothold on high-value targets. One such example is a Taiwanese company and supplier/contractor for a high-end automobile manufacturer, and a consumer electronics company, among others that suffered a Conti attack in 2022. Despite 1,500 servers being encrypted, the attack reportedly impacted only noncritical systems. It is crucial to highlight here the security risks that third-party companies could potentially introduce to their affiliated organizations.”

True. Then there are attacks that pose a more direct threat. Though APJ was third in attack frequency, after North America and EMEA (Europe, Middle East, and Africa), many of the targets Conti chose there especially concerning:

“The APJ region also shows a significantly larger number of critical infrastructure attacks as compared with other regions. Attacks on these verticals could have catastrophic, real-world implications. Case in point: One of the largest electricity providers in Australia was hit by a Conti ransomware attack in 2021. Although the attack did not disrupt their services, it’s not hard to imagine the detrimental effects if it did.”

Retail and hospitality companies were the second-most attacked verticals—what ransomware collection would be complete without sources of credit card numbers and other lucrative personal data? The report also found Conti targeting a victim sweet spot: businesses big enough to pay a worthwhile ransom yet too small to have significant cybersecurity resources. Check out the report itself for all the details.

Cynthia Murrell, December 23, 2022

Comments

Comments are closed.

  • Archives

  • Recent Posts

  • Meta