Orange, the fourth-largest mobile operator in Europe, offers consumer communication services and business services to the enterprise. The ransomware attack targeted Orange’s Business Services division. The Nefilim ransomware group, which is also offering the data stolen from Orange via its data leak site attacked French telecommunication company Orange.
Stolen data by Nefilim
According to Trend Micro, a new ransomware named Nefilim has been discovered, threatening to release its victims’ data to the public if they fail to pay the ransom. It is most likely distributed through exposed Remote Desktop Protocol (RDP), as shared by SentinelLabs’ Vitali Krimez and ID Ransomware’s Michael Gillespie via Bleeping Computer.
Mark Bagley, vice president of product at enterprise cybersecurity company AttackIQ, said,
“Data is not just encrypted but actually stolen and often exposed – making these attacks even more detrimental. Because of this, it’s important to adopt a proactive and threat-informed approach to a security strategy that allows for an organization to know it can thwart ransomware attacks. Additionally, companies should use automated solutions that safely emulate the most common ransomware campaigns and their techniques to avoid falling victim.”