BrianKrebsAug 24, 2023

Yikes!

"CloudNordic has told customers to consider all of their data lost following a ransomware infection that encrypted the large Danish cloud provider's servers and "paralyzed CloudNordic completely," according to the IT outfit's online confession.

"The intrusion happened in the early-morning hours of August 18 during which miscreants shut down all of CloudNordic's systems, wiping both company and customers' websites and email systems. Since then, the IT team and third-party responders have been working to restore punters' data — but as of Tuesday, it's not looking great."

https://www.theregister.com/2023/08/23/ransomware_wipes_cloudnordic/

Criminals go full Viking on CloudNordic, wipe all servers and customer data

IT outfit says it can't — and won't — pay the ransom demand

The Register
Show threadBrianKrebsAug 24, 2023
Been saying this forever: If they can deploy spam bots or infostealer bots in your network w/out your knowing, they can just as easily deploy wipers. And we may soon be coming to an era when not paying a ransom means not just having all your data posted on some victim shaming site, but also getting all systems wiped.
Show threadPeoriaBummer
@briankrebs You know this beat better than anyone. Why aren’t any of these crews monetizing blackmail? In all this data, there is presumably a ton of compromising information. Why not target a few wealthy people with blackmail?
Aug 24, 2023 at 2:11pmWeb
Show threadBrianKrebsAug 24, 2023
@PeoriaBummer A form of this is quite common. They will research the board members, how much insurance they have, which investors might be spooked easily, and some ransom groups are known to start contacting these people and turning the screws that way. I would consider that a form of blackmail.
Show threadPeoriaBummerAug 24, 2023
@briankrebs Thanks for the reply! That’s fascinating and answers a question that’s been nagging at me for years. Much appreciated!