Ransomware Attack Hits Ferrer & Ojeda by Sarcoma Group
Ransomware Attack on Ferrer & Ojeda by Sarcoma Group
Ferrer & Ojeda, a leading insurance brokerage firm based in Spain, has recently been targeted by the notorious ransomware group Sarcoma. This attack has raised significant concerns about the cybersecurity measures in place at the company, which is known for its comprehensive insurance solutions and a strong national presence.
Company Profile: Ferrer & Ojeda
Ferrer & Ojeda, officially known as Ferrer y Ojeda Asociados Correduría de Seguros SL, is a prominent player in the Spanish insurance sector. With a history dating back to 1898, the company has grown to become one of the top five insurance brokers in Spain, excluding banks and international groups. The firm serves approximately 46,000 clients and manages around €150 million in premiums annually. Its workforce of over 210 professionals specializes in various areas, including client management, risk broking, and employee benefits services. The company's independence and diverse relationships with 236 insurance providers allow it to offer tailored solutions to its clients.
Attack Overview
The ransomware attack on Ferrer & Ojeda was orchestrated by the Sarcoma group, which has claimed responsibility on its dark web leak site. The attack involved the encryption of critical data, with the cybercriminals demanding a ransom for its release. This incident has disrupted the company's operations, highlighting vulnerabilities in its cybersecurity infrastructure. The attack underscores the ongoing threat posed by ransomware groups to organizations across various sectors.
About the Sarcoma Ransomware Group
Sarcoma is a relatively new ransomware group that has quickly gained notoriety for its aggressive tactics and significant data breaches. The group has targeted a diverse range of industries, with a slight preference for regions such as the USA, Canada, Australia, and Spain. Sarcoma distinguishes itself by employing a double extortion strategy, which involves both encrypting data and threatening to leak it publicly if demands are not met. The group operates a darknet leak site where it lists its victims and provides evidence of stolen data, promoting itself as a means to highlight poor security practices among organizations.
Potential Vulnerabilities
While the exact method of penetration into Ferrer & Ojeda's systems remains unclear, common vulnerabilities exploited by ransomware groups include outdated software, weak passwords, and insufficient network security measures. The attack on Ferrer & Ojeda serves as a stark reminder of the importance of maintaining effective cybersecurity protocols to protect sensitive data and ensure business continuity.
Sources
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!