Menu

Topics

Connect

Comments

Comments closed.

Due to the sensitive and/or legal subject matter of some of the content on globalnews.ca, we reserve the ability to disable comments from time to time.

Please see our Commenting Policy for more.

Ontario security company uncovers ransomware gang affiliate pledging allegiance to Russia

File Photo / Getty Images

TORONTO — An Ontario security software company says it has discovered a new affiliate of a ransomware gang that has pledged allegiance to Russia carrying out attacks with threat emulation technology.

Story continues below advertisement

Waterloo, Ont.-based eSentire says its threat response unit has been tracking an affiliate of Conti since August and discovered the group used Cobalt Strike in two attacks around Valentine’s Day, as tensions between Russia and Ukraine were escalating.

The firm calls Cobalt Strike “the Swiss army knife of cyber intrusions” because the tool can replicate and launch sophisticated cyberattacks that can test security detections, protections and response systems, but is being used by threat actors to compromise IT environments and spread throughout networks.

The threat response unit intercepted an attack using Cobalt Strike to try to breach an unnamed children’s charity and hours later, found it being used to target a legal firm.

It says Conti is comprised of sophisticated ransomware developers and operators known for compromising and disrupting the operations of health-care organizations, emergency services, municipalities, oil transportation and electric companies and schools.

Story continues below advertisement

Conti claimed responsibility for a cyberattack on a Quebec smelter Rio Tinto operates earlier this month.

Advertisement

You are viewing an Accelerated Mobile Webpage.

View Original Article