Forbes reports:
Now, a new threat intelligence report has revealed how financially motivated Chinese cybercriminals are targeting government offices, the energy sector, factories, financial services, and, yes, hospitals across the globe. However, North America and the U.K. have been most attacked by the Ghost ransomware hackers.
According to a new report from Rebecca Harpur at Blackfog, the Ghost threat campaigns are operated by a financially motivated group from China and don’t have any known state affiliations. These attacks are, Hurpur said, “driven by profit rather than espionage.” It’s also known that Ghost has gone by many other names over the years, before ending up at this one: Cring, Crypt3r and Hello, as well as a closely related Phantom moniker. “By constantly rebranding,” Harpur explained, “Ghost makes it more difficult for authorities to pin down its activities as one group.”
This hasn’t, however, stopped the Cybersecurity and Infrastructure Security Agency and the FBI from issuing a joint advisory warning of the dangers that Ghost presents to “organizations across more than 70 countries.” Those compromises all follow a familiar playbook, the Blackfog threat intelligence report warned: “a ransom note threatens permanent data loss (or public release of stolen files) unless payment is made.”
Read more at Forbes.
Related: Ghost Ransomware: The New Cyber Menace Targeting 70+ Countries (BlackFog)
