Sorry for the bird: a zoo in Florida was subjected to an extortion attack
Who is behind this cyberattack, and what have the cute animals done to the ruthless hackers?
ZooTampa, one of the most popular zoos in the United States, was the victim of a cyberattack that stole employee and supplier information. Responsible for the attack, as researchers believe, is a subsidiary of the Royal extortion gang that attacked a few months ago local infrastructure of the city of Dallas.
“After the discovery of the incident, the zoo immediately took action and hired third-party computer security specialists to help secure the network environment and investigate the extent of unauthorized activity,” a ZooTampa spokesperson said, stressing that the zoo is actively cooperating with law enforcement on the incident.
The organization has also notified employees and vendors whose information may have been exposed to attackers and is continuing to investigate. “ZooTampa does not store personal or financial information about daily visitors or club members,” a park spokesperson added.
ZooTampa is a top 10 zoo in the United States, operated by a non-profit organization and has been recognized as the center for the conservation of Florida’s flora, fauna and biodiversity. The zoo is currently in the process of raising funds for a $125 million renovation. announced in December perhaps this is why the hackers attacked ZooTampa – the extortionists know for sure that the zoo has money.
The spokesperson did not respond to questions about whether the attack was related to ransomware, but on July 5, the BlackSuit group she said that attacked ZooTampa.
BlackSuit is a relatively new grouping that appeared literally in mid-May of this year, about which we told after the release of the company’s report Trend Micro. According to researchers, the group has ties to the Royal extortion gang.
In addition, both BlackSuit and Royal have ties to the disbanded Conti gang, which ceased to exist last June and, according to experts, has split into several new gangs. Although BlackSuit is a recent group, its operators are likely to be very experienced due to their work with Conti and other types of ransomware.
“It usually takes some time between attacks and the publication of victim data on ransomware sites, so I think we will see more BlackSuit victims soon,” the researchers added.