Conti attacks ITCO Solutions Ltd
ITCO Solutions Ltd Ransomware Attack
Overview of the Incident
ITCO Solutions Ltd, a New Zealand-based software solutions provider, recently fell victim to a ransomware attack orchestrated by the Conti group. This incident was disclosed on the group's dark web leak site. ITCO Solutions, with its headquarters in Rotorua, New Zealand, employs a team of 25 and offers a range of services including cloud-based business software, Microsoft product subscriptions, and comprehensive IT support. The company caters to businesses throughout New Zealand, aiming to streamline computing costs, inventory management, financial operations, and point of sale systems.
Technical Vulnerabilities Exploited
The specific vulnerabilities that facilitated this attack have not been detailed. Nonetheless, it is widely recognized that ransomware attacks frequently leverage weaknesses such as outdated software, unpatched systems, and insufficient password security. In the case of ITCO Solutions, the company's use of legacy operating systems, including Windows 7 for computers and Windows Server 2008 & 2012 for servers, likely played a role in the breach.
Conti Ransomware Group's Modus Operandi
The Conti ransomware group, notorious for its attacks on diverse sectors such as healthcare, manufacturing, and government agencies, demands ransom in exchange for decryption keys and threatens to release stolen data publicly if its demands are not met. This attack on ITCO Solutions Ltd underscores the persistent threat posed by ransomware: 71% of organizations globally experienced at least one attack in 2022. The average total cost of these attacks has soared to $4.3 million, with many ransomware variants now engaging in double-extortion tactics by exfiltrating data prior to encryption.
Preventative Measures and Recommendations
The National Cyber Security Centre (NCSC) offers comprehensive guidance on mitigating the risks of malware and ransomware attacks. Key recommendations include regular software updates, user education on potential threats, and the development of robust incident response plans. These measures are critical in safeguarding against the evolving tactics of ransomware groups.
Sources
- National Cyber Security Centre (NCSC) - Mitigating malware and ransomware attacks
- 2022 Ransomware Statistics - Distribution of ransomware infections worldwide
- Average Cost of Ransomware Attack in 2022 - IBM Security Ransomware Report