The NWO Is Still Recovering From Last Month’s Ransomware Attack

  • The NWO is still trying to stand on its feet, a month and a half after a DoppelPaymer ransomware attack.
  • The agency has informed the public that some data may be irreversibly lost, although the recovery isn’t finished yet.
  • There doesn’t seem to be any prospect for negotiation with the actors towards a ransom payment.

The Netherlands Organization for Scientific Research (NWO) published an update today, informing the world that while they are slowly getting back on track, the agency is still recovering from last month’s ransomware attack. The current status is that emails and telephones are up again, although not all lines have been set up yet. What still requires manual labor is work on documents, scheduling, adjusting the official guidelines, and reviewing the applications for scientific grants.

These applications will inevitably experience delays, so all timelines and the corresponding deadlines will be adjusted as required. Also, NWO states that most of the information that was encrypted during the February 08, 2021 ransomware attack has been recovered, but some key parts are still missing. Messages sent to NWO between February 6 and March 7, 2021, haven’t been recovered yet, and some of the information from the week prior to February 13 has also been lost. Unfortunately, there’s a good chance that this data won’t be possible to recover.

NWO’s measures now include the implementation of a sophisticated virus scanner, a new spam filter, and the adoption of multi-factor authentication for all users of the servers. NWO is rolling out these additional security measures with the help of external IT specialists, and according to the spokeswoman who shared a comment with a local media outlet, the agency was actually already planning this work, but the hackers attacked in the meantime.

According to what we were able to find with the help of KELA, the cyber-intelligence experts, the ransomware gang that hit NWO was DoppelPaymer, and the actors have already leaked a dozen files stolen from the servers of the Dutch research council.

Source: KELA

Agencies using the same network include the National Governing Body for Practice-oriented Research SIA, and the Netherlands Initiative for Education Research (NRO), the NRO Steering Body, the SIA Steering Body, TKI-HTSM, TKI Chemie, the European Polar Board, and the LNVH.

REVIEW OVERVIEW

Latest

Indian Banks and Finance Companies Targeted by Multi-Staged JSOutProx RAT Malware

Indian banks and financial institutions are being targeted by a multi-tier JSOutProx RAT that acts in two stages.The malware uses spear-phishing emails...

Mega Deletes 144,000+ User Accounts for Repeated Copyright Infringement

Mega has changed its policies and terminated over 144,000 accounts for repeated copyright infringement violations.The company says flagged data is taken down...

YouTube Creators Targeted With Phishing Scams Based on Cookie Theft Malware

Google discoverd a new Cookie Theft-based phishing scam that targeted channels belonging to YouTube creators.Actors were sending phishing emails and hijacking channels...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari