Red Hot Cyber

Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Search

Cambridge University Press & Assessment Ends Up in the DLS of INC Ransomware

Pietro Melillo : 29 June 2024 20:38

In a recent cyberattack, the cybercriminal group known as “INC Ransomware” declared that they had breached the systems of Cambridge University Press & Assessment, employing a double extortion strategy. This tactic, increasingly common among ransomware groups, involves the theft and encryption of the victim’s data, followed by the threat of publicly disclosing the data if a ransom is not paid.

The Attack on Cambridge University Press & Assessment

On June 24, 2024, the INC Ransomware group published information related to the attack on their disclosure blog, including stolen documents as proof of the intrusion. Cambridge University Press & Assessment, one of the leading global institutions in the field of academic publishing and educational assessments, with an annual revenue of $558.4 million, was targeted due to its significance and the volume of sensitive data it handles.

Currently, we are unable to confirm the accuracy of the reported information as no official press release regarding the incident has been issued on the company’s website.

The Double Extortion Tactic

Sei un Esperto di Formazione?
Entra anche tu nel Partner program!
Accedi alla sezione riservata ai Creator sulla nostra Academy e scopri i vantaggi riservati ai membri del Partner program.
Per ulteriori informazioni, scrivici ad [email protected] oppure su Whatsapp al 379 163 8765 

Supporta RHC attraverso:


Ti piacciono gli articoli di Red Hot Cyber? Non aspettare oltre, iscriviti alla newsletter settimanale per non perdere nessun articolo

Double extortion is a sophisticated technique in which cybercriminals not only encrypt the victim’s data, making it inaccessible, but also threaten to disclose these sensitive data if the ransom is not paid. This puts enormous pressure on the victim company, which faces not only the loss of access to its data but also the risk of reputational and legal damage arising from the public dissemination of the information.

Cambridge University Press & Assessment

Cambridge University Press & Assessment is one of the oldest and most respected educational and publishing institutions in the world. Part of the University of Cambridge, this entity is known for its commitment to academic excellence and its significant contribution to the dissemination of knowledge and global educational assessment.

Founded in 1534, Cambridge University Press is the oldest publishing house in the world. It has a long tradition of academic publications, covering a wide range of disciplines including sciences, arts, medicine, and technology. Its mission is to contribute to the dissemination of high-quality knowledge and research, supporting education at all levels.

In 2021, Cambridge Assessment, an organization specializing in educational assessment, merged with Cambridge University Press to form Cambridge University Press & Assessment. This merger created a single entity with the aim of providing integrated educational resources and assessment tools, supporting students, teachers, and educational institutions worldwide.

Details of the Intrusion

The INC Ransomware disclosure page includes a series of stolen documents, such as:

  • Detailed invoices from and to various suppliers
  • Service contracts and commercial agreements
  • Internal financial information
  • Confidential documents and corporate correspondence

Implications and Risks

The compromise of Cambridge University Press & Assessment’s data represents a serious threat not only to the company itself but also to the millions of individuals and institutions that rely on its services. The dissemination of sensitive information could have devastating consequences for the company’s reputation, customer trust, and the security of personal information.

Conclusions

This incident highlights the growing threat posed by ransomware groups and the crucial importance of robust and up-to-date cybersecurity measures. Companies, especially those managing large amounts of sensitive data, must be prepared to respond quickly and effectively to such attacks to protect their data and the trust of their customers.

The attack on Cambridge University Press & Assessment serves as a stark reminder of the dangers of cybercrime in the modern world and the need for constant vigilance and investment in advanced security technologies. Only through adequate preparation and rapid response can the devastating effects of such intrusions be mitigated.

As is our practice, we always leave space for a statement from the company should they wish to provide us with updates on the matter. We will be happy to publish such information with a specific article highlighting the issue.

RHC Dark Lab will monitor the evolution of the incident in order to publish further news on the blog, should there be substantial updates. Should there be individuals informed about the facts who wish to provide information anonymously, they can use the whistleblower’s encrypted email.

Pietro Melillo
Head of the Dark Lab group. A Computer Engineer specialised in Cyber Security with a deep passion for Hacking and technology, currently CISO of WURTH Italia, he was responsible for Cyber Threat Intelligence & Dark Web analysis services at IBM, carries out research and teaching activities on Cyber Threat Intelligence topics at the University of Sannio, as a Ph.D, author of scientific papers and development of tools to support cybersecurity activities. Leads the CTI Team "RHC DarkLab"