Recent AD News

650+ compromised credentials found to be in use within NEW Cooperative, the latest organization hit by ransomware

NEW Cooperative, an Iowa-based farm cooperative, was recently hit by a ransomware attack that forced it to take its systems offline. NEW Cooperative has operations in over 50 locations and provides a variety of digital and software services to its network of farmers.

The ransomware group BlackMatter is reportedly behind the attack. Security experts believe that BlackMatter is either run by the same actors who created the DarkSide ransomware or has very close ties to its creators. Notably, it was an affiliate of the DarkSide ransomware group that took down Colonial Pipeline a few months back. The DarkSide group shut down operations shortly after the Colonial Pipeline attack, citing pressure from the US government and global law enforcement agencies.

BlackMatter is said to have demanded a ransom of $5.9 million from NEW Cooperative. However, the organization is working with law agencies and data security experts to see if they can recover the data. In the aftermath of the attack, digital identity management firm FYEO found that over 650 breached credentials were in use in the farm cooperative.

They found that the password ‘chicken1’ was being used by over 120 employees. “The NewCoop ransomware situation is concerning for a number of reasons, the first being that hackers are still going after critical infrastructure and seeking to disrupt supply chains even when explicitly stating otherwise. Beyond that, it’s indicative of a larger problem: password management,” said Tammy Khan, COO of FYEO, to ZDNet.

It’s worth noting here that it was through the compromised password of an inactive VPN account that threat actors managed to intrude into the Colonial Pipeline network and execute one of the largest ransomware attacks in recent times. Threat actors are taking advantage of the fact that the majority of organizations continue to rely on passwords to protect mission-critical infrastructure, including Active Directory, despite struggling to weed out poor password practices.

Understanding how attackers think is the only way forward for organizations looking to reduce their attack surface.  
