October 31, 2022
A cardboard box manufacturer in Wardrecques, France was hit by a cyberattack, most likely ransomware (Fr: “piratage”). Production was shutdown, and workers sent home. News reports are all in La Voix Du Nord which unfortunately is paywalled, but the headlines and synopsis says enough. The company’s systems were decrypted by a journalist, Damien Bancal, and ransom was not paid.
January 7, 2022
The machines at the Perlen paper factory in the Lucerne town of the same name are at a standstill due to a hacker attack. Newsprint and LWC production at Perlen and packaging production in Müllheim, Germany, which has been down since 7 January, restarted 6 days later on January 13. The chemistry division was not affected and was therefore able to continue production normally.
The factory normally outputs 1400 tons of newsprint paper per day. In a statement, the CPH Group said all IT systems were shut down on the 7th out of an abundance of caution and to contain any spread, strongly suggesting but not confirming they were a ransomware victim. They resumed production in January 13, after 6 days of downtime.
February 4, 2021
Atlanta, GA-based WestRock is undertaking extensive efforts to identify, contain and recover from this incident quickly and securely. Upon discovering the incident, WestRock immediately began an investigation, implemented business continuity processes and initiated response containment protocols with the support of cybersecurity experts. These actions included proactively shutting down certain systems in an abundance of caution, as well as taking steps to supplement existing security monitoring, scanning and protective measures. The Company also implemented measures, including manual processes, to respond to customers’ needs. The Company is now systematically bringing its information systems back online in a controlled, phased approach. The company reported packaging production through February 4 was approximately 85,000 tons lower than plan.
January 1, 1998
WIZARD SPIDER is a sophisticated eCrime group that has been operating the Ryuk ransomware since August 2018, targeting large organizations for a high-ransom return. This methodology, known as “big game hunting,” signals a shift in operations for WIZARD SPIDER. This actor is a Russia-based criminal group known for the operation of the TrickBot banking malware that had focused primarily on wire fraud in the past.
January 1, 1997
WIZARD SPIDER is a sophisticated eCrime group that has been operating the Ryuk ransomware since August 2018, targeting large organizations for a high-ransom return. This methodology, known as “big game hunting,” signals a shift in operations for WIZARD SPIDER. This actor is a Russia-based criminal group known for the operation of the TrickBot banking malware that had focused primarily on wire fraud in the past.
January 1, 1996
WIZARD SPIDER is a sophisticated eCrime group that has been operating the Ryuk ransomware since August 2018, targeting large organizations for a high-ransom return. This methodology, known as “big game hunting,” signals a shift in operations for WIZARD SPIDER. This actor is a Russia-based criminal group known for the operation of the TrickBot banking malware that had focused primarily on wire fraud in the past.
January 1, 1988
WIZARD SPIDER is a sophisticated eCrime group that has been operating the Ryuk ransomware since August 2018, targeting large organizations for a high-ransom return. This methodology, known as “big game hunting,” signals a shift in operations for WIZARD SPIDER. This actor is a Russia-based criminal group known for the operation of the TrickBot banking malware that had focused primarily on wire fraud in the past.
January 1, 2004
WIZARD SPIDER is a sophisticated eCrime group that has been operating the Ryuk ransomware since August 2018, targeting large organizations for a high-ransom return. This methodology, known as “big game hunting,” signals a shift in operations for WIZARD SPIDER. This actor is a Russia-based criminal group known for the operation of the TrickBot banking malware that had focused primarily on wire fraud in the past.
January 1, 2003
WIZARD SPIDER is a sophisticated eCrime group that has been operating the Ryuk ransomware since August 2018, targeting large organizations for a high-ransom return. This methodology, known as “big game hunting,” signals a shift in operations for WIZARD SPIDER. This actor is a Russia-based criminal group known for the operation of the TrickBot banking malware that had focused primarily on wire fraud in the past.