Updated: Texas-Based Data Center CyrusOne Hit by Ransomware Attack

Published at: Dec. 5, 2019

Updated Dec. 5, 20:30 UTC: This article has been updated to include comments provided by CyrusOne.

Texas-based data center provider CyrusOne has reportedly fallen victim to an attack from REvil (Sodinokibi) ransomware, business tech-focused publication ZDNet reported on Dec. 5.

One of the largest data centers in the United States, CyrusOne has reportedly been exposed to an attack by a variant of the REvil (Sodinokibi) ransomware, which previously hit a number of service providers, local governments and businesses in the country.

The scope of the attack

In an email to Cointelegraph, CyrusOne confirmed:

“Six of our managed service customers, located primarily in our New York data center, have experienced availability issues due to a ransomware program encrypting certain devices in their network.” 

The firm went on to assure viewers that law enforcement was working on the matter and that their “data center colocation services, including IX and IP Network Services, are not involved in this incident.” 

Just business

Per the ransom note obtained by ZDNet, the attackers targeted CyrusOne’s network, with the sole objective of receiving a ransom. Those behind the attack claimed in the note that they consider the attack nothing more than a business transaction, aimed exclusively at profiting.

In the event the company does not cooperate with the attackers, it will purportedly lose the affected data as the cybercriminals claim to have the private key.

To pay or not to pay?

This spring, Riviera Beach, Florida, was hit by a hacker attack, in which the hackers allegedly encrypted government records, blocking access to critical information and leaving the city without an ability to accept utility payments other than in person or by regular mail. The city council eventually agreed to pay nearly $600,000 worth of Bitcoin (BTC) to regain access to data encrypted in the attack.

In late October, hackers compromised the website of the city of Johannesburg, South Africa, and demanded ransom in Bitcoin. The breach affected several customer-facing systems — hardware or software customers interact with directly, such as user interfaces and help desks. The city authorities refused to pay the ransom.

Meanwhile, a number of Finnish cities and organizations are rehearsing how to respond when a group of hackers demands the participants pay ransomware during a series of simulated cyberattacks.

Tags
Blockchain
United States
Hacks
Crimes
Ransomware
Related Posts
US Secret Service Creates Finance-Related Cybercrime Task Force
The U.S. Secret Service announced the creation of the Cyber Fraud Task Force, or CFTF on July 10, after merged its Electronic Crimes Task Forces and Financial Crimes Task Forces into a single network. According to the official announcement, the Secret Service had been planning over two years to create a unified task force to combat cybercrimes related to the financial sector and fight things like ransomware attacks, business email compromise scams, credit card online stealing, among others. The CFTF appears in a context that the illegal market of credit card stolen data through the dark web and banking details …
Blockchain / July 12, 2020
The Latest Ransomware Victim Is a NASA Contractor
As SpaceX and NASA celebrated their first human-operated rocket launch on May 30, cybercriminals behind a ransomware known as DopplePaymer launched an attack against one of NASA’s IT contractors. According to a blog post by the hackers, the gang managed to breach the network of the Maryland-based Digital Management Inc, or DMI. This company provides IT and cyber-security services to several Fortune 100 companies and government agencies. DopplePaymer hackers leaked almost 20 archive files belonging to NASA through a portal operated by the gang, including HR documents and project plans. Some of the employee details matched with public LinkedIn records. …
Technology / June 5, 2020
Ransomware Threatens Production of 300 Ventilators Per Day
The FDA-approved Coronavirus ventilator manufacturer Boyce Technologies has been targeted by ransomware launched by the DoppelPaymer gang, who are threatening to leak data from the company. Cointelegraph has viewed the DoppelPaymer blog, where the gang lists example files of the data stolen during the attack, including sales and purchase orders, assignment forms, among others. The cybercriminals have threatened that more information will be disclosed next week through the site if an undisclosed crypto ransom is not paid by the firm. Boyce Technologies is well-known for its work in designing and manufacturing FDA-approved low-cost ventilators in just 30 days during the …
Blockchain / Aug. 7, 2020
New Ransomware Uses Sophisticated Evasion Techniques
Cybersecurity firm, Recorded Future, revealed on June 10 that a ransomware attack named “Thanos” has been promoted on a number of darknet hacking forums since February. According to the report, Recorded Future’s Insikt Group uncovered the new ransomware-as-a-service attack. “Ransomware-as-a-service” methods consist of allowing external hackers to use the ransomware to attack their targets in exchange for adhering to a revenue-share scheme with the developers by splitting profits of 60% - 70% approximately. The major feature of Thanos ransomware Speaking with Cointelegraph, Lindsay Kaye, director of operational outcomes of Insikt Group at Recorded Future, explains further the encryption’s feature used …
Technology / June 11, 2020
Expert Warns: Don’t Trust Ransomware Groups Amid Pandemic
A cybersecurity expert explained why he is convinced that the promises made by ransomware groups amid the pandemic are irrelevant. Brett Callow — threat analyst at cybersecurity firm Emsisoft — told Cointelegraph that multiple ransomware groups recently made promises to halt their activity against medical organizations amid the coronavirus pandemic. Still, he believes that those promises are irrelevant: “The claims of a ceasefire made by ransomware groups are irrelevant [and] should be completely disregarded. Would you leave your front door unlocked simply because the local burglars had pinky-promised not to rob you? Probably not. The story of the frog and …
Blockchain / April 16, 2020