Attack Overview
VICTIM
CANCOM
INDUSTRY
Telecommunications
LOCATION
Germany
ATTACKER
Hiveleak
FIRST REPORTED
July 4, 2022

CANCOM Ransomware Attack: An Expert Analysis

The ransomware group HiveLeak has claimed responsibility for an attack on CANCOM, a telecommunications company operating in the industry. The company is known for its IPTV technology and high-speed internet services. CANCOM offers a range of services, including internet, TV, and phone bundles, and its Vilo app allows users to control their Wi-Fi network from their phone.

CANCOM is a significant player in the telecommunications sector, providing services to a wide range of locations across Canada, including major cities like Calgary, Edmonton, and Vancouver, as well as smaller towns and rural areas. The company's services are designed to cater to various needs, from basic internet connectivity to advanced IPTV technology, making it a versatile provider in the industry.

The Vulnerability of Telecommunications to Ransomware

The ransomware attack on CANCOM highlights the vulnerabilities that telecommunications companies face in the digital age. HiveLeak, the group responsible for the attack, is known for exploiting known vulnerabilities and using a living-off-the-land (LOTL) approach, which involves abusing legitimate tools like Microsoft Bitlocker and Jetico's BestCrypt to encrypt files without being detected by security systems. This technique allows the attackers to bypass traditional security measures, making it challenging for companies to protect themselves from such threats.

The attack on CANCOM has resulted in the unavailability of digital services, putting the protected health information of patients at risk, and significantly reducing the ability of the medical center to provide treatment for patients. This underscores the potential consequences of ransomware attacks on critical infrastructure, which can have far-reaching impacts on society.

The ransomware attack on CANCOM serves as a reminder of the importance of cybersecurity in the telecommunications sector. Companies must remain vigilant against such threats and invest in robust security measures to protect their networks and the sensitive information they handle.

Sources

Disclaimer

The Halcyon Attacks Lookout Database is compiled using publicly available information based on the hosting choices of real-world threat actors and data from a variety of trackers. This information is provided in accordance with principles of fair use. Halcyon has made reasonable efforts to sanitize and verify the data; however, we do not guarantee the accuracy, completeness, or reliability of the information provided. Updates to the database are made as new source data becomes available from reputable sources.  By accessing, viewing, or using the information within the Halcyon Attacks Lookout Database, you acknowledge and agree to do so entirely at your own risk. No reliance should be placed upon the information for decision-making, and Halcyon disclaims all liability for any inaccuracies or omissions in the data.

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

1
2
3
Let's get started
1
1
2
3
1
1
2
2
3
Back
Next
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.