General Insurance Article - Potential targets identified in VMware ransomware campaign

CyberCube has identified companies at risk of attack in a new ransomware campaign impacting thousands of businesses globally.

 The automated ransomware campaign called ESXiArgs is targeting outdated VMware ESXi servers globally. Starting on Feb 9, 2023, the cybersecurity community reported threat actors successfully improving their attacks. The campaign encrypts configuration files on vulnerable ESXi servers, potentially rendering clients’ virtual machines (VMs) unusable. Internet-wide scans within days after the first reports surfaced showed a rapid infection rate with over 2,000 servers infected.

 According to the research “CyberCube Briefing: Ransomware Risks & VMware Servers”, up to 70,000 ESXi hypervisors globally could become vulnerable. CyberCube has analyzed companies in its Industry Exposure Database (IED) to identify organizations running VMware ESXi hypervisors that could be vulnerable to the ESXiArgs ransomware.

 William Altman, CyberCube’s Cyber Threat Intelligence Principal, said: “Large US-based insureds operating in banking, education, manufacturing, non-profit, aviation, and agriculture are at higher risk of being attacked by threat actors leveraging vulnerabilities in ESXi hypervisors compared to insureds operating in other industries.

 “Large insureds ($1 billion-plus revenue) are at greater risk than medium, small, or micro-sized insureds. Large-sized companies are more likely to require the use of hypervisors and virtual machines as the foundation for the large-scale deployment of cloud computing and cloud storage resources.”

 Yvette Essen, CyberCube’s Head of Content, Communications & Creative, said: “The majority of impacted ESXi servers are in France and Germany. Cybersecurity agencies in other countries, including Singapore, have also raised alarms. At least a dozen universities have been reported to be impacted, including the Georgia Institute of Technology in Atlanta, Rice University in Houston, and institutions of higher learning in Hungary and Slovakia. Florida’s Supreme Court has also stated that it was impacted by ESXiArgs ransomware.”

 CyberCube has modeled a large-scale ransomware attack as part of Portfolio Manager, a scenario-based data-driven model that enables risk professionals to develop insights for their senior leadership and teams. It also allows stress testing of portfolios of insurance risk so that loss drivers and areas of accumulation risk can be identified.

Back to Index

Similar News to this Story

Top 10 predictions for insurers in 2024
EIS has released its insurance sector forecast for 2024. The global coretech platform provider believes there’s every reason to be optimistic. Despite
Uninsured driving conviction statistics 2022
The number of drivers found guilty at court for insurance related offences exceeded 117,000, with a third of convictions handed to drivers keeping a v
Insurers predict top trends for 2024
Insurance industry leaders from across Europe forecast high inflation and interest rates, attracting and retaining talent, and digital transformation

Site Search

Exact   Any  

Latest Actuarial Jobs

Actuarial Login

 Jobseeker    Client
Reminder Logon

APA Sponsors

Actuarial Jobs & News Feeds

Jobs RSS News RSS


Be the first to contribute to our definitive actuarial reference forum. Built by actuaries for actuaries.