Ransomware, Data Security

Suspicious cyber activity addressed by University of Oklahoma amid Fog ransomware claims

Ransomware attack alert on monitor screen in data center, network security concept

(Adobe Stock)

Officials at the University of Oklahoma disclosed isolating certain systems impacted by suspicious IT network activity after the Fog ransomware gang took responsibility for the intrusion, which it claims resulted in the exfiltration of 91 MB of data, including employee and financial details, according to The Record, a news site by cybersecurity firm Recorded Future.

Investigation into the incident is still underway, said a University of Oklahoma spokesperson, who also noted the implementation of additional network security measures. Such a development comes amid Fog ransomware's persistent targeting of U.S. education institutions, which Arctic Wolf researchers previously reported to account for 80% of the ransomware group's victims since its emergence in May. "In each of the cases investigated, forensic evidence indicated that threat actors were able to access victim environments by leveraging compromised VPN credentials. Notably, the remote access occurred through two separate VPN gateway vendors," said Arctic Wolf.

An In-Depth Guide to Ransomware

Get essential knowledge and practical strategies to protect your organization from ransomware attacks.

Related

RansomHub attack disrupts Minnesota tribal community systems

Minnesota's Lower Sioux Indian Community had operations of its healthcare facility, government center, and casino taken down by a cyberattack initially disclosed by officials on Friday and later claimed by the RansomHub ransomware-as-a-service operation earlier this week, reports The Record, a news site by cybersecurity firm Recorded Future.

Hunters International shifting tactics amid growing risks

Mounting threats to the profitability of ransomware operations amid escalating law enforcement clampdowns, even by Russia, have prompted the Hunters International ransomware-as-a-service gang to alert affiliates regarding an ongoing rebrand to the data theft-focused "World Leaks" in November, only for the group to roll back such an announcement weeks later, The Register reports.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

Block CipherCiphertextData Encryption Standard (DES)Data Loss Prevention (DLP)DecryptionDiffie-HellmanDigital EnvelopeDigital SignatureDigital Signature Algorithm (DSA)Digital Signature Standard (DSS)

You can skip this ad in 5 seconds