Educational Institutions, the Favorite Targets of Vice Society Ransomware in 2022
Over 33 Schools Were Attacked in the Last Year.
Last updated on December 9, 2022
Vice Society ransomware seemed to favor educational institutions in their attacks in 2022. The Cybercrime group targeted 33 schools in the last year, surpassing other threat actors like LockBit, BlackCat, BianLian, and Hive.
Other industry verticals that attracted unwanted attention were governments, healthcare, manufacturing, commerce, and legal services
Vice Society ransomware does not have a ransomware variant of its own, they are using pre-existing ransomware families like HelloKitty and Zeppelin. And in some cases, the group avoids deploying ransomware altogether and carries out extortion using exfiltrated stolen data.
Six days after the initial infection the ransom demanded by Vice Society ransomware can reach $1 million but the numbers may drop after negotiations up to $460,000.
School districts with limited cybersecurity capabilities and constrained resources are often the most vulnerable to threat actors. The opportunistic targeting often seen with cybercriminals can put even school districts with robust cybersecurity programs at risk. K-12 institutions may be seen as particularly lucrative targets due to the amount of sensitive student data accessible through school systems or their managed service providers.
Since it started, Vice impacted over 100 companies in total, and more than 90 of them were attacked in 2022 as shown by the gang’s leak site.
“Of the 100 organizations affected in total, 35 cases have been reported from the U.S., followed by 18 in the U.K., seven in Spain, six each in Brazil and France, four each in Germany and Italy, and three cases in Australia”, according to The Hacker News.
Andreea is a digital content creator within Heimdal® with a great belief in the educational power of content. A literature-born cybersecurity enthusiast (through all those SF novels…), she loves to bring her ONG, cultural, and media background to this job.