New Russian Email Threats Are Here

Threatpost has the Story:

This is a current story (7/7/20) of threats emerging from the Russian criminal groups.

The following  is from a previous analysis from has the Story

The intsight document shows several groups, of which the above, the “Sandworm” team, is just one.

Another blog.malwarebytes.com post: Threat Spotlight: WastedLocker, customized ransomware

The ransom demands were high, from $500,000 to $10 million in Bitcoin. This is in an environment where the criminals also ransomed the backups (which apparently were accessible to the hackers). The sophistication of the hackers is obvious, but it is not limited to any new hack or ransomware attack. It also shows that the criminals were able to figure out which attacks will lead to the most return on investment of their time.

Let’s review a little from the first 8 months of 2019 (from statescoop.com):

“The first eight months of 2019 were particularly lucrative for the Ryuk malware’s authors. So far this year, Ryuk is known to have collected $400,000 from rural Jackson County, Georgia; nearly $600,000 from Riviera Beach, Florida; $490,000 from Lake City, Florida; $130,000 from LaPorte County, Indiana; and $100,000 from the public school district in Rockville Centre, New York.”

So almost a year later it is not a surprise (or should not be) that the organizations in Russia are trying to increase their yield. The bad actors are putting together profiles of business entities which are most likely to pay, and then they do more research by actually hacking and looking at the defenses.

It is high time for US businesses to become more systematic about cybersecurity defense.

Contact us to discuss
