Article
Cyber Security

What you need to know about ransomware threat Zeppelin

By Vikki Davies
August 24, 2022
undefined mins
Dr Darren Williams, CEO and Founder of ransomware specialist Blackfog, looks at how cybercriminals are using Zeppelin to attack hybrid working companies.

The Federal Bureau of Investigation (FBI) in conjunction with the Cybersecurity and Infrastructure Security Agency (CISA) have issued a new warning on a strain of ransomware targeting companies.

Zeppelin is a high-tech attempt to hold companies' data hostage and the hackers behind it are demanding as much as a million dollars to get data back.

The FBI and CISA warn the targets in this attack are companies with employees working from home.

"Zeppelin ransomware has been particularly interested in targeting the health care industries," said FBI Agent Elvis Chan. "Attackers are looking for cash cows that have weak cybersecurity."

What is Zeppelin?

Dr Darren Williams, CEO and Founder of ransomware specialists Blackfog, offers the following unique insight: “Zeppelin ransomware, a fairly well-known malware strain has been in known use since 2019, often to target a wide range of businesses and critical infrastructure organisations. Zeppelin actors have been known to request ransom payments in Bitcoin, with initial amounts ranging from several thousand dollars to over a million dollars.

"Zeppelin’s unique attack path is such that the FBI have observed the attackers executing the malware multiple times in the network, leaving a great big sting on the victim, who needs multiple unique decryption keys to combat the attack.

 "Attacks on hybrid working companies are nothing new, however it is crucial that employees remember they play a part in protecting themselves and the employer, too."

How to protect yourself from Zeppelin

Williams says: "Attacks from vectors such as Zeppelin often start with a simple phishing email - employers must ensure they educate and remind their employees on cyber security best practices, to minimise attack risk. Standard, good cyber hygiene practice is essential here: remembering to regularly change passwords and use MFA as a basic practice. That said, if a threat actor wants to find their way in, they will! What matters is the data they were able to obtain and leave with.

"Most cybercriminal gangs aim for extortion – organisations should also consider anti-data exfiltration to block the attacker and prevent data from being exfiltrated.”

CybersecuritycybercrimecyberattackRansomwareZeppelin
Share
Share
Author
Vikki Davies

Featured Articles

Barracuda: Why Businesses Struggle to Manage Cyber Risk

Barracuda Networks CIO report shows that six in 10 businesses struggle to manage cyber risk, with issues such as policy struggles and management buy-in

Evri, Amazon and Paypal Among Brands Most Used by Scammers

With the development of AI, cybercriminals are becoming more and more sophisticated in their attacks, using fake websites and impersonating popular brands

Tech & AI LIVE: Key Events that are Vital for Cybersecurity

Connecting the world’s technology and AI leaders, Tech & AI LIVE returns in 2024, find out more on what’s to come in 2024

MWC Barcelona 2024: The Future is Connectivity

Technology & AI

AI-Based Phishing Scams Are On The Rise This Valentine’s Day

Cyber Security

Speaker Lineup Announced for Tech Show London 2024

Technology & AI