Multinational electronics firm JVCKenwood admitted that it had been hit by a security incident that affected some of its operations in Europe. The company also acknowledged that sensitive information may have been breached during the cyberattack. However, there is no sign of a customer data leak at present. Several security experts suspect that the Conti ransomware group is behind the incident.
Based in Japan, JVCKenwood is known for its brands JVC, Kenwood, and Victor, which provide equipment to automobile and health care organizations.
“JVCKenwood detected unauthorized access on September 22, 2021, to the servers operated by some of the JVCKENWOOD Group’s sales companies in Europe. It was found that there was a possibility of information leak by the third-party who made the unauthorized access,” the company said in an official statement.
Conti Ransomware Attack
While JVCKenwood is still investigating the incident, multiple reports claimed that Conti ransomware attackers compromised critical networks and stole over 1.7 TB of data. The attackers reportedly demanded a $7 million ransom to decrypt the critical files.
Conti is a Russian-speaking ransomware group that has reportedly victimized more than 400 organizations worldwide, of which 290 are in the U.S. alone. Conti attackers infiltrate victim networks through phishing emails (malicious links or attachments) or stolen/cracked remote desktop protocol (RDP) credentials. Their average recorded dwell time in a victim’s network ranges from four days to three weeks. The highest recorded bid of the Conti ransomware gang stands at $25 million.
CISA, FBI, and NSA Warn About Conti Ransomware
The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the FBI alerted users and organizations about the rise of Conti ransomware attacks.
Protect against the #Conti #ransomware threat using the #cybersecurity guidance from @CISAgov, @FBI and NSA. Understand Conti group TTPs and take immediate action: https://t.co/Fa1jQdtyoP
— NSA Cyber (@NSACyber) September 22, 2021
To secure organizations’ critical systems against Conti ransomware, the agencies recommended certain security mitigations such as enabling multi-factor authentication, implementing network segmentation, and keeping operating systems and software up to date.