
Religious Institutions Become the Latest Focus of Cybercrime Groups

Over the weekend, two long-standing malicious groups claimed responsibility for attacks on religious organizations. This marks a new direction for these groups, as they typically target corporations and government agencies rather than religious institutions.

On Saturday, the LockBit ransomware group announced that it had successfully breached the systems of Relentless Church, a South Carolina-based evangelical megachurch with over 15,000 members and a massive online following. The group claimed to have obtained sensitive employee data, including financial documents and passports. Despite attempts to contact the church, no comment has been provided regarding the cyber attack. 

A day later, Our Sunday Visitor, a Catholic publishing company with a rich history that dates back to 1912, was reportedly targeted by another malicious group. The data extortion group Karakurt took responsibility for the attack, saying that it had breached the organization's systems and stolen a massive 130 gigabytes of sensitive data, including HR information, financial contracts, accounting documents, invoices, marketing information, and employee data.

Our Sunday Visitor is known for producing a variety of Catholic-related content such as religious books, newsletters, and pamphlets. Jim Weigert, the Chief Marketing Officer of Our Sunday Visitor, confirmed that the company detected suspicious activity on its network and took immediate measures to investigate and secure its systems.

Third-party experts were called in and law enforcement was notified. While he did not disclose whether a ransom demand was made, Weigert stated that the organization is dedicated to safeguarding the data it handles and will update its protocols to protect the organization's data. Our Sunday Visitor's servers remained operational throughout the investigation.

According to experts, it is uncommon for malicious groups to target religious institutions, as some groups have banned affiliates from attacking such organizations. Although such rules are sometimes disregarded, especially in the case of hospitals, there have been recent cases of enforcement.

Last week, the LockBit ransomware group apologized for an attack on Keystone SMILES Community Learning Center and offered a free decryptor. The organization did not comment on whether the decryptor was used.

Jon DiMaggio, chief security strategist at Analyst1, who has studied LockBit’s operations extensively, said that “they are the most notorious ransomware group, because of sheer volume. And the reason for their success is that the leader is a good businessman…”

“…It’s not that he’s got this great leadership capability. They made a point-and-click ransomware that anyone could use, they update their software, they’re constantly looking for user feedback, they care about their user experience, and they poach people from rival gangs. He runs it like a business, and because of that, it is very, very attractive to criminals.”