Banco Pichincha and the Ecuador Ministry of Finance hacked
April 1, 2021
Cheese shortage in Dutch supermarkets after a ransomware attack
April 27, 2021
The premium Italian menswear brand Boggi Milano has confirmed that was hit with a ransomware attack. Representatives of the clothing line said that an investigation is under way and that the company is cooperating with Italian authorities.
The hacker group called Ragnarok bragged on its Dark Web blog that they compromised Boggi Milano servers and stole about 40 gigabytes of data, including human resource files such as salary information, payment PDFs, vouchers, tax documents and more. No one has revealed how much Ragnarok wanted to return the files.
How do ransomware attacks work?
Ransomware is a type of malware that locks computers and prevents users from accessing their system or private files, demanding a payment in order to get the access back. Unlike years ago, when payments were to be sent via snail mail, today organizations targeted with ransomware must pay the ransom via cryptocurrency or credit card. The costs to get the decryption key can range from a few hundred dollars to thousands.
Ransomware is today among the most popular threats characterizing the cybersecurity landscape for two main reasons: first of all, it is very easy to implement and, secondly, it allows to make an easy profit.
According to Clusit (the Italian Association for Cybersecurity), in 2020 cyber-attacks were mainly carried out using Malware (42%), among which the so-called Ransomware stands out. This type of malware is spreading rapidly, thus having been used in almost a third of all the attacks performed in Italy during the past year.
How to protect your company?
The ransomware attack like the one that happened to Boggi Milano is one of many, that hit fashion and other brands all around Italy and beyond. Here are a few tips on how to prevent a ransomware attack:
- Invest in security awareness training. Phishing emails are among the most common methods used to spread ransom malware: when the user follows a link or opens a malicious attachment, cybercriminals gain access to the work device and start installing and executing the ransomware program on it. With better employee training, these incidents can be significantly reduced.
- Implement DNS filtering solutions. More than 91% of all malware uses DNS to communicate with the server, to steal data or redirect traffic to malicious sites. With DNS filters, it’s possible to overview the traffic going through DNS and block new malware not yet recognized by antispam, firewall and proxies.
- Check the security posture of your organization. By continuously monitoring and assessing their overall security status, companies can easily prevent different types of malware and cybercrimes, thus reducing the appropriation of personal and corporate data as well as the occurrence of other serious consequences.
A Boggi Milano shop in Nice, France. Photographer: Sebastien Nogier/EPA-EFE/Shutterstock
