Peris.ai, composed of cybersecurity professionals, has disclosed detailed information about the Brain Cipher ransomware that has targeted the Temporary National Data Center since June 20.
IMAGE CREDIT: https://www.peris.ai/articles
This cyberattack caused significant disruptions to immigration and various other public services, affecting 210 institutions. While some services have been restored, the impact remains substantial.
The National Cyber and Crypto Agency (BSSN) responded promptly by dispatching a support team to the Surabaya data center. The attackers demanded a ransom of USD 8 million to restore system access.
Brain Cipher ransomware is primarily spread through phishing campaigns that deceive recipients into downloading and executing malicious files. Once inside a network, it employs various tactics to elevate privileges, evade defenses, and access sensitive information.
These tactics include using Windows Command Shell for execution and bypassing user account control. The ransomware also queries registries, gathers system information, and discovers software to map the infected environment and identify critical targets for encryption.
To counter the threat posed by Brain Cipher ransomware and similar attacks, organizations should implement a multi-layered security strategy.
This includes robust email security to detect and block phishing attempts, regular user training to recognize and report phishing emails, advanced endpoint protection to prevent malware execution, network segmentation to limit ransomware spread, secure offline backups of critical data, and regularly updated incident response plans for effective ransomware attack responses.
More ransomware attack
As cyber threats continue to evolve, it is crucial for organizations to stay ahead of potential attacks. Peris.ai offers advanced cybersecurity solutions designed to anticipate and defend against such threats. One such solution is Phisland, a sophisticated phishing simulator that enhances security awareness and overall cybersecurity posture.
Phisland provides realistic phishing simulations via email, websites, and WhatsApp, helping organizations identify vulnerabilities and improve their security strategies. By proactively strengthening cybersecurity measures with tools like Phisland, organizations can better protect themselves against potential phishing attacks.