A Real Pain: CACTUS Ransomware Wreaks Havoc on VPNs

June 2, 2023

Introduction

Virtual private networks, more commonly known as VPNs, have long been touted as a more secure way to browse the Internet. They allow you to access the internet securely and anonymously, making it difficult for anyone to track your online activity. VPNs can also be used to bypass geo-restrictions and ISPs, allowing you to access content that may otherwise be blocked in your location. Some are paid, some are free; they all help you enjoy a secure and private browsing experience while protecting yourself from cyber threats.

How does it work? Basically, the VPN service creates an encrypted connection between your computer and the internet, allowing you to access websites, applications, and services without anyone else being able to monitor your activity.

Sounds great… but every piece of software has its vulnerabilities, and one malicious program is finding them in common VPNs.

CACTUS Ransomware

Circa March 2023, organizations began reporting odd behavior that was later uncovered to be CACTUS. This ransomware group has certainly entered center stage with a bang.

By compromising the VPN service directly, CACTUS can target specific networks. Since companies use VPNs to protect the transit and communication of their most private information, this nets the group serious leverage. They’re able to remotely monitor their target’s system and escalate their own privileges to carry out the attack.

Just like your VPN, CACTUS is encrypted. That makes it much harder for your antivirus and other continuous monitoring software to recognize it for what it is. This is one instance where you want your security team to pay attention themselves!

What Happens to Victims?

Quite typically for a ransomware group, the threat group behind CACTUS also employs double extortion techniques on their victims. So even if you pay the exorbitant ransom they charge, and even if they really do decrypt your information and give it back, they will then demand a second payment to stop them from publishing or selling copies of your private files.

Typically, ransomware groups don’t give your data back even if you pay! In fact, they run off with your money AND data over 90% of the time!

Much better, then, is to follow your company’s usual incident response plan when it comes to ransomware. Immediately report it to your IT team so they can enact next steps ASAP.

Conclusion

Ransomware has been one of the top threats to businesses of ALL sizes for years now. CACTUS is simply one example of why that trend doesn’t seem to be going away; if anything, it shows how threat actors continue to evolve as they try to dart past our best defenses.

We need to be prepared for the worst! The cyber-threat landscape is getting savvier with every new defense mechanism we invent. Thus it’s critical to stay abreast of new threats so you can recognize the signs and defend your systems appropriately. CACTUS is only the latest ransomware threat to businesses today.
