General Insurance Article - Potential targets identified in VMware ransomware campaign


CyberCube has identified companies at risk of attack in a new ransomware campaign impacting thousands of businesses globally.

 The automated ransomware campaign called ESXiArgs is targeting outdated VMware ESXi servers globally. Starting on Feb 9, 2023, the cybersecurity community reported threat actors successfully improving their attacks. The campaign encrypts configuration files on vulnerable ESXi servers, potentially rendering clients’ virtual machines (VMs) unusable. Internet-wide scans within days after the first reports surfaced showed a rapid infection rate with over 2,000 servers infected.

 According to the research “CyberCube Briefing: Ransomware Risks & VMware Servers”, up to 70,000 ESXi hypervisors globally could become vulnerable. CyberCube has analyzed companies in its Industry Exposure Database (IED) to identify organizations running VMware ESXi hypervisors that could be vulnerable to the ESXiArgs ransomware.

 William Altman, CyberCube’s Cyber Threat Intelligence Principal, said: “Large US-based insureds operating in banking, education, manufacturing, non-profit, aviation, and agriculture are at higher risk of being attacked by threat actors leveraging vulnerabilities in ESXi hypervisors compared to insureds operating in other industries.

 “Large insureds ($1 billion-plus revenue) are at greater risk than medium, small, or micro-sized insureds. Large-sized companies are more likely to require the use of hypervisors and virtual machines as the foundation for the large-scale deployment of cloud computing and cloud storage resources.”

 Yvette Essen, CyberCube’s Head of Content, Communications & Creative, said: “The majority of impacted ESXi servers are in France and Germany. Cybersecurity agencies in other countries, including Singapore, have also raised alarms. At least a dozen universities have been reported to be impacted, including the Georgia Institute of Technology in Atlanta, Rice University in Houston, and institutions of higher learning in Hungary and Slovakia. Florida’s Supreme Court has also stated that it was impacted by ESXiArgs ransomware.”

 CyberCube has modeled a large-scale ransomware attack as part of Portfolio Manager, a scenario-based data-driven model that enables risk professionals to develop insights for their senior leadership and teams. It also allows stress testing of portfolios of insurance risk so that loss drivers and areas of accumulation risk can be identified.
  

Back to Index


Similar News to this Story

Business interruption is top risk for food and drink firms
Almost half of food and drink companies (48%) said that business interruption was the biggest internal risk to their success, closely followed by supp
Shipping losses hit all time low despite increasing risks
Allianz Safety and Shipping Review 2024: 26 large ships lost worldwide in 2023, down by one third year-on-year, the industry’s lowest ever total. War
The London Market grows contribution to economy to GBP50 bn
The London market employs 60,000 people and contributes nearly £50bn to the UK economy – 2% of GDP overall, an increase of 26% on 2020. To put £50bn i

Site Search

Exact   Any  

Latest Actuarial Jobs

Actuarial Login

Email
Password
 Jobseeker    Client
Reminder Logon

APA Sponsors

Actuarial Jobs & News Feeds

Jobs RSS News RSS

WikiActuary

Be the first to contribute to our definitive actuarial reference forum. Built by actuaries for actuaries.