CALL 0121 289 4477
Sony, the Japanese tech and media titan, finds itself in the midst of a cybersecurity storm once again. This time, it’s at the hands of the cybercriminal cartel, RansomedVC. In this blog, we’ll explore the Cyber attack by discussing how it happened, who RansomedVC are and what is the takeaway from this.
The notorious RansomedVC took to their dark web blog to flaunt their latest conquest, posting about Sony’s alleged breach. The cyber gang asserts that they’ve successfully infiltrated all of Sony’s systems, a claim that Sony is now closely investigating.
In response to the situation, a representative from Sony stated, “We are currently investigating the situation, and we have no further comment at this time.” This comment was made to the online security outlet, Cybernews.
While Sony’s adversaries in the past have been well-known entities, RansomedVC is a relatively fresh player in the cybercrime arena, having surfaced just this year. Yet, they’ve already left their mark, with previous attacks on institutions like the Hawaii Health System and TransUnion, to name a few.
What’s even more surprising? The cyber thugs declared that they wouldn’t be demanding any ransom from Sony since the company had declined to pay up. Shifting gears, they now intend to auction off the purportedly stolen dataset. This modus operandi, unfortunately, isn’t new. Many ransomware cartels resort to this tactic, threatening non-compliant victims with the sale of their sensitive data to the highest bidder.
Intriguingly, the asking price for the dataset – allegedly encapsulating all of Sony’s systems – is pegged at a mere $18,000.
Cybernews’ research unit took a dive into the situation and found that the data snippet shared by the attackers doesn’t offer much insight into the actual value or significance of the data. The sample includes a PowerPoint slide deck, several screenshots appearing to be from an internal Sony workstation, and a handful of Java files.
In a peculiar twist, shortly after RansomedVC’s announcement, an unidentified forum user claimed to be offering the very same Sony data – for free. This individual alleged that the data leak comprises login details for Sony’s internal platforms, SonarQube and Creators Cloud data, Sony’s certification documents, a device to produce licenses, and more.
If these breach allegations hold water, it would signify the second successful attack on Sony in a mere three months. Rewind to June and the Cl0p ransom cartel was citing Sony as a casualty in the notorious MOVEit Transfer hacks.
This isn’t Sony’s first rodeo with cyber assaults. The brand, with its expansive portfolio spanning electronics, PlayStation, and Sony Entertainment, has unfortunately been a frequent target.
Many still recall the 2011 incident when hacktivist group Anonymous orchestrated a distributed denial-of-service (DDoS) attack on Sony’s PlayStation network. This siege, lasting almost a month, crippled the PlayStation network and jeopardized the personal details of an astounding 77 million users.
This Cyber attack serves as a wake-up call for all businesses to take Cyber security seriously. Additionally, as technology advances, the risks of cyber threats grow, and it becomes paramount to implement comprehensive security measures to safeguard sensitive data.
We hope you’ve enjoyed this blog. Be sure to watch out for our future weekly blog releases and thanks for reading!