DragonForce Ransomware, like many other malicious groups, recently targeted the servers of 911 emergency services in California on June 16th of this year, an incident disclosed to the public earlier this week. According to reports from the South Bay Regional Public Communication Authority (SBRPCA), the attack impacted emergency services in Manhattan Beach, El Segundo, Hermosa Beach, Culver City, Hawthorne, and Gardena.
DragonForce, known for its involvement in double extortion attacks, has been active beyond California. The group notably targeted Yakult Australia, where they stole 950GB of data from IT systems operating in New Zealand and Australia.
In previous exploits, DragonForce seized over 400GB of data from Coca-Cola Singapore and obtained details of more than 1.5 million employees from the Ohio Lottery, totaling about 90GB of data.
Despite calls from international law enforcement agencies to ban ransom payments as a means to curb such cybercrimes, the decentralized nature of cryptocurrencies poses challenges to implementing a foolproof solution.
Law enforcement agencies are urging affected companies to share malware information to facilitate broader awareness and collaboration on decryption efforts. However, paying ransom to criminals does not guarantee receipt of a decryption key and can inadvertently fuel further criminal activity.
Reports suggest DragonForce is part of a Malaysian cybercriminal group with purported connections to distributors of espionage malware and a Chinese APT Group, as indicated in discussions on platforms like Reddit.
Ad