The Cactus ransomware group continues its spree of cyber attacks, targeting organizations across the globe. In their latest wave, they have claimed responsibility for cyber attacks on two more organizations, UTC Overseas and Unitex. These organizations, both based in the United States, join a growing list of victims that have fallen prey to the Cactus group.
The alleged cyber attack on Unitex has had a significant impact on the textile manufacturing firm and rental service provider. With over 100 years of history, Unitex is known for producing hygienic linen and uniforms for employees in the healthcare sector, including nursing homes. The Cactus group, in their message, even provided a link to download the exfiltrated data, indicating their intention to extort a ransom from the organization. Despite the attack, Unitex’s website remains operational.
Similarly, UTC Overseas, a global provider of freight forwarding and cargo logistics services, has also fallen victim to the Cactus ransomware group. The hackers attempted to extort a ransom from the organization but resorted to releasing the stolen data after failing to receive a positive response. UTC Overseas continues to offer its services, unaffected by the cyber attack.
These cyber attacks highlight the growing trend of hackers targeting third-party organizations to reach their ultimate targets. In recent events such as the MOVEit cyber attack and the Kokoro data breach, cybercriminals have exploited vulnerabilities in third-party service providers to gain access to larger networks. By targeting these unsuspecting service providers, hackers can infiltrate the systems of numerous clients, amplifying the impact of their attacks.
The Kokoro cyber attack, for example, exposed the data of nearly 40 high-profile charitable organizations based in the UK. These organizations, supported by famous and global celebrities, generate substantial revenues compared to smaller organizations. The hackers managed to find the data they sought in the processing of another organization that serves several UK-based non-profits. Personal information such as names, phone numbers, and addresses were compromised.
These incidents underscore the importance of securing data handled by third-party vendors. Many customers may be unaware that their information is being processed by external organizations. As highlighted by cybersecurity veteran Graham Cluley, individuals may not even be aware of the existence of third-party vendors or that their personal information is in their possession. It is crucial for users to share their data responsibly and only with trusted entities, while service providers must ensure that all vendors have robust threat detection and reporting systems in place.
Governments worldwide have addressed the issue of third-party vendor security, emphasizing the need for responsible data sharing and stringent security measures. Users must exercise caution when sharing their information and should refrain from doing so if they feel unsafe. Ultimately, both users and service providers play a crucial role in safeguarding sensitive data and mitigating the risks of cyber attacks.
As the Cactus ransomware group continues to target organizations globally, it is crucial for businesses to remain vigilant and prioritize cybersecurity measures. By staying informed about the latest threats and implementing robust security protocols, organizations can better protect themselves and their clients from cyber attacks.