Vicesociety attacks Consejo Superior de

Incident Date: Aug 18, 2022

Attack Overview

Victim: Consejo Superior de
Industry: Government
Location: Spain
Attacker: Vicesociety
First Reported: August 18, 2022

Consejo Superior de la Judicatura Targeted by Play Ransomware Group

About the Victim

The Consejo Superior de la Judicatura, a pivotal Colombian government entity tasked with overseeing the administration of justice, plays a crucial role in the appointment and promotion of magistrates, as well as the broader administration of the judicial system. Its official website serves as a vital resource for judicial information, including notices, lists of aspirants for magistrate positions, and updates on judicial terms.

Size and Industry Standout

The Consejo Superior de la Judicatura is a significant component of the Colombian government's justice administration, and its influence and role underscore its importance, particularly given the impact of the ransomware attack it suffered.

Vulnerabilities

The Play Ransomware group, also identified as Playcrypt, targets organizations with identifiable security weaknesses. Their method involves exploiting known vulnerabilities, including exposed RDP servers and specific FortiOS vulnerabilities (CVE-2018-13379 and CVE-2020-12812), to infiltrate networks. Subsequently, they employ various techniques such as living-off-the-land binaries (LOLBins), Group Policy Objects, scheduled tasks, PsExec, and wmic to distribute executables and take control of the internal network.

Mitigation Strategies

Organizations can mitigate the risk of ransomware attacks through several strategies: implementing multifactor authentication, adhering to the least privilege principle, enabling both logical and physical network segmentation, deploying attack surface management, securing domain controllers, maintaining offline and encrypted backups, and diligently tracking security patches along with software/OS updates.

The attack by the Play Ransomware group on the Consejo Superior de la Judicatura underscores the imperative for organizations to fortify their cybersecurity defenses. The exploitation of known vulnerabilities coupled with advanced evasion techniques by ransomware groups poses a significant threat to targeted entities. It is essential for organizations to remain vigilant about emerging threats and to adopt comprehensive security measures to safeguard against such attacks.

