-
Reports state that Israeli Company “Shlomo” Insured has become a victim of a ransomware attack, and hackers have accessed their internal data.
-
The hackers threaten to make accessed data public information if the fail to pay demanded ransom.
-
This incident shows that ransomware attacks will continue to target financial and insurance companies globally.
According to reports from cybersecurity experts and researchers, cybercriminals have attacked Shlomo Insurance Company’s internal databases by breaching into those systems and exfiltrating sensitive customer data.
Furthermore, there is concern that data may ultimately go public if hackers choose to release the collected information. The incident reflects a significant increase in ransomware attacks impacting financial services and large companies with extensive client databases.
The attackers have admitted responsibility for the attack – they stated that they accessed Shlomo’s internal systems and obtained information from them. Also, they threatened to leak the data if they didn’t receive what they demanded from the company.
Cybersecurity experts say this type of attack has become one of the most common forms of cybercrime worldwide. Analysts believe that because of the volume of personal data, financial data, and identity documents insurance companies store, they are prime targets of ransomware attacks.
Hackers who succeed in breaching an insurance company’s system could make personal data public, which could, in turn, create risk for fraud and identity theft.
Hackers Claim Access to Sensitive Data
The cybercriminals, the KillSec Ransomware group, reportedly claimed responsibility for the attack, with shared screenshots of online proof. They also provided printable examples of the stolen or breached data.
Ransomware attacks typically follow the pattern of getting into the company’s network, stealing data, before they store or lock you out of your systems.
They then threaten to release your sensitive data unless you pay them. Experts refer to this approach as “Double Extortion”; it has become more common in recent years.
According to their screenshots, the KillSec group exfiltrated the following sensitive data:
- Customer and corporate names
- Identification and the company’s registration numbers
- Vehicle registration licenses
- Vehicle specifications and details
- License plate numbers
A similar incident occurred with Israeli company Shirbit when hackers leaked personal information after the company denied paying a ransomware request. Stolen files included personal identification records and financial records.
Security analysts are also warning that companies, customers, and others may suffer as a result of such leaks.
Growing Wave of Ransomware Attacks
Ransomware attacks are becoming more prevalent throughout the globe, especially over the past few years. Criminal organizations have targeted predetermined sectors like finance and healthcare, due to the likelihood of victims paying a ransom to have their sensitive information returned quickly.
The method itself resembles the act of kidnapping, but in this case, the hacker locks or takes the victim’s files and demands payment in order to restore them. They often request the ransom as cryptocurrency, Bitcoin or some other form of digital currency, making it very difficult for law enforcement to track the criminal.
Cybersecurity experts have identified numerous attacks against organizations in Israel and classified them as primary targets for cybercriminals. In response to this rising trend in cyberattacks against businesses, both government entities and private sector companies have increased their investment in cyber defense, incident response teams, and employee training related to security.
Calls for Stronger Cybersecurity Measures
The attack on Shlomo Insurance highlights the need for a better cybersecurity within all financial Institutions. Organizations that manage large amounts of peoples’ personal data must take the appropriate measures to secure their systems sufficiently.
This lesson applies globally, in Africa, where the education and telecom sectors are facing a cybercrime surge; the same vulnerabilities exist and the same urgent need for stronger defenses applies.
Industry security professionals provide guidance for organizations by implementing procedures such as performing updates regularly to their software applications, using multiple authentication factors, training employees about security policies/procedures, and creating regular system backups.
Implementing these procedures and policies can help prepare organizations for future ransomware attacks and allow for more rapid recovery from an attack.
Governments are also encouraging organizations to report cybercrimes against individuals and businesses expeditiously in order for law enforcement to track down those responsible for attacks, as well as to alert other organizations or individuals to be on alert about the same kind of cyberattack.
For consumers, on the other hand, this particular instance of cyberattack may serve as yet another eye-opener to remain diligent about carefully monitoring their own financial success and safeguarding their private information while using the Internet.
