Highlights
Google Warns of Extortion Emails Targeting Executives
Alphabet’s Google has alerted that extortion emails are being sent to executives from numerous companies. The senders claim to have compromised sensitive information sourced from Oracle business applications. Google indicated that this campaign, which references the Oracle E-Business Suite, is taking place on a large scale, although the authenticity of the intruders’ claims remains unverified.
Details of the Extortion Campaign
In its statement, Google highlighted that a group alleging ties with the cl0p ransomware gang is responsible for these communications. The company mentioned it “does not currently have sufficient evidence to definitively assess the veracity of these claims.” However, Google has not disclosed the number of organisations targeted or the specific data that is purportedly stolen. Oracle has yet to respond to requests for comments on this matter.
The Severity of the Ransom Demands
Security experts have indicated that the demands for ransom are notably high. Cynthia Kaiser, who leads Halcyon’s Ransomware Research Center, remarked that her firm has encountered extortion requests “ranging from millions to tens of millions of dollars, with the highest demand reaching $50 million.” Kaiser noted that identifying the responsible parties remains complex due to considerable overlap among criminal groups and the prevalence of copycat operations.
The cl0p Ransomware Gang’s Involvement
The cl0p brand has been associated with various high-profile data breaches and extortion schemes, though it did not specify its involvement in this instance. In communication with Reuters, the group stated that the hackers were “not prepared to discuss details at this time.”
Recommended Actions for Recipients
Incident response teams recommend that individuals receiving such emails refrain from engaging with the senders. It is vital to maintain evidence for investigations and to work closely with internal security personnel and law enforcement. Organisations utilising the Oracle E-Business Suite should also conduct thorough reviews of access logs, monitor for any unusual activities, and ensure that the latest security patches and identity protection measures are implemented.
