Voice of America
08 Feb 2023, 06:05 GMT+10
LONDON/WASHINGTON - A global ransomware outbreak has scrambled servers belonging to the U.S. state of Florida's Supreme Court and several universities in the United States and Central Europe, according to a Reuters analysis of ransom notes posted online to stricken servers.
Those organizations are among more than 3,800 victims of a fast-spreading digital extortion campaign that locked up thousands of servers in Europe over the weekend, according to figures tallied by Ransomwhere, a crowdsourced platform that tracks digital extortion attempts and online ransom payments and whose figures are drawn from internet scans.
Ransomware is among the internet's most potent scourges. Although this extortion campaign was not sophisticated, it drew warnings from national cyber watchdogs in part because of the speed of its spread.
Ransomwhere did not name individual victims, but Reuters was able to identify some by looking up internet protocol address data tied to the affected servers via widely used internet scanning tools such as Shodan.
The extent of the disruption to the affected organizations, if any, was not clear.
Florida Supreme Court spokesperson Paul Flemming told Reuters that the affected infrastructure had been used to administer other elements of the Florida state court system, and that it was segregated from the Supreme Court's main network.
'Florida Supreme Court's network and data are secure,' he said, adding that the rest of the state court system's integrity also was not affected.
A dozen universities contacted by Reuters, including the Georgia Institute of Technology in Atlanta, Rice University in Houston, and institutions of higher learning in Hungary and Slovakia, did not immediately return messages seeking comment.
Reuters also contacted the hackers via an account advertised on their ransom notes but only received a payment demand in return. They did not respond to additional questions.
Ransomwhere said the cybercriminals appear to have extorted only $88,000, a modest haul by the standard of multimillion-dollar ransoms regularly demanded by some hacking gangs.
One cybersecurity expert said the outbreak, thought to have exploited a 2-year-old vulnerability in VMWare software, was typical of automated attacks on servers and databases that have been carried out by hackers for years.
VMWare has urged customers to upgrade to the latest versions of its software.
'This is nothing unusual,' said Patrice Auffret, founder of French internet scanning company Onyphe. 'The difference is the scale.'
Also uncommon is the highly visible nature of the outbreak, which began earlier this month. Because internet-facing servers were affected, researchers and tracking services like Ransomwhere or Onyphe could easily follow the criminals' trail.
Digital safety officials in Italy said Monday that there was no evidence pointing to 'aggression by a state or hostile state-like entity.'
Samuli Kononen, an information security specialist at the Finnish National Cyber Security Centre, said the attack was likely carried out by a criminal gang, although he added that it was not particularly sophisticated as many victims had managed to salvage their data without paying a ransom.
'More experienced ransomware groups usually don't make that kind of mistake,' he said.
Get a daily dose of Broadcast Communications news through our daily email, its complimentary and keeps you fully up to date with world and business news as well.
Publish news of your business, community or sports group, personnel appointments, major event and more by submitting a news release to Broadcast Communications.
More InformationNEW YORK CITY, New York: With just weeks to spare before a potential government default, U.S. lawmakers passed a sweeping tax and spending...
PARIS, France: Fast-fashion giant Shein has been fined 40 million euros by France's antitrust authority over deceptive discount practices...
PALO ALTO/TEL AVIV: The battle for top AI talent has claimed another high-profile casualty—this time at Safe Superintelligence (SSI),...
FRANKLIN, Tennessee: Hundreds of thousands of Nissan and Infiniti vehicles are being recalled across the United States due to a potential...
REDMOND, Washington: Microsoft is the latest tech giant to announce significant job cuts, as the financial strain of building next-generation...
LONDON UK - U.S. stock markets were closed on Friday for Independence Day. Global Forex Markets Wrap Up Friday with Greeback Comeback...
Birmingham [UK], July 7 (ANI): Indian pacer Akash Deep mesmerised one and all with a ten-wicket haul in a critic-silencing, era-defining...
Birmingham [UK], July 7 (ANI): Following his side's win over England, Indian pacer Akash Deep revealed that he played the match because...
Paris is withdrawing its troops after the African country scrapped a decades-old defense agreement France has handed over a military...
New Delhi [India], July 1 (ANI): On the occasion of the approval of the new 'Khelo Bharat Niti 2025', Prime Minister Narendra Modi...
Mumbai (Maharashtra) [India], July 1 (ANI): The Indian Institute of Creative Technologies (IICT) opens admissions for its first batch...
New Delhi [India], July 1 (ANI): In a significant step to bolster India's research and innovation ecosystem, the Union Cabinet on Tuesday...