Your IT Support Experts

We partner with many types of businesses in the area, and strive to eliminate IT issues before they cause expensive downtime, so you can continue to drive your business forward. Our dedicated staff loves seeing our clients succeed. Your success is our success, and as you grow, we grow.

Free Consultation

Interested in seeing what we can do for your business? Contact us to see how we can help you! Sign Up Today

  

USA Computer Services Blog

USA Computer Services has been serving small and medium sized businesses since 2012, providing IT Support such as technical helpdesk support, computer support and consulting.

The Zeppelin Group is Making Us Ramble On About Ransomware

The Zeppelin Group is Making Us Ramble On About Ransomware

We apologize for the pun, but we couldn’t help ourselves.

When you go about your business and attempt to onboard a new client or implement a new tool for your company, you spend time getting to know what your business is doing and why. Well, a newly formed ransomware group will spend up to two weeks mapping your network before launching its attacks, making it a potent threat actor that you should keep an eye out for on your business network.

What is Zeppelin?

This threat actor, a ransomware group called Zeppelin, is notorious in the cyber threat landscape for demanding large ransoms from even larger businesses in the United States and Europe. The US Cybersecurity and Infrastructure Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a joint warning about the ransomware group.

Having been around since 2019, Zeppelin has launched attacks against businesses in the healthcare, manufacturing, defense, education, and technology sectors. It grew in notoriety for its ransomware-as-a-service offerings and its VegaLocker ransomware, and it has a penchant for targeting healthcare or medical organizations. Ransoms range from thousands of dollars to over a million dollars in some cases.

What Tactics are Being Used?

How is this group able to demand such high ransoms and get away with it? It’s all rooted in their tactics.

The FBI and CISA have found that Zeppelin is a well-organized threat that takes plenty of time to scope out their victims’ network before launching attacks. They take great care in laying the groundwork before they launch their ransomware attacks, looking into potential cloud services and backup solutions in place. After the attacks have been launched, victims are hit with multiple instances of the ransomware and could require several decryption keys to get back in action following the attack.

The joint advisory reads: “The FBI has observed instances where Zeppelin actors executed their malware multiple times within a victim's network, resulting in the creation of different IDs or file extensions, for each instance of an attack; this results in the victim needing several unique decryption keys.”

What Do You Do?

As always, we recommend that you do not pay the ransom under any circumstances, even if the situation seems dire and there is no way out. Paying the ransom only reinforces that ransomware as a threat works against companies like you, and by paying these hackers for the safe return of your data, you are effectively funding further attacks against other organizations just like yours.

Furthermore, there is no guarantee that you will get your data back just by paying the hacker, as it is quite common for ransomware victims to have difficulties with the encryption key following an infection and subsequent ransom payment. There are compliance issues involved too, and though you might feel strong-armed into making this decision, there are better approaches to ransomware that we urge you to consider.

Ransomware can be intimidating, but you should know that you have trusted allies on your side in the fight to protect your infrastructure. By contacting USA Computer Services, you can protect your organization’s network, educate your employees, and have a valued resource for any and all of your cybersecurity troubles. We can help you properly address ransomware both before and during an attack so you can optimize your chances of recovering.

To learn more, reach out to us at (704) 665-1619.

Tip of the Week: Creating an Event in Google Calen...
Forcing Remote Teams to Come Back Full Time May Be...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Saturday, December 21, 2024

Captcha Image

Customer Login

Contact Us

Learn more about what USA Computer Services can do for your business.

Headquarters:
525 North Tryon St. #1600
Charlotte, NC 28202

Additional Location:
859 Willard St #400
Quincy, MA 02169
Additional Location:
60 State Street #700
Boston, MA 02129