RansomHub Ransomware Hits Puerto Rico's Cultural Institute

Incident Date: Oct 17, 2024

Attack Overview
VICTIM
Instituto de Cultura Puertorriqueña (ICP)
INDUSTRY
Government
LOCATION
Puerto Rico
ATTACKER
Ransomhub
FIRST REPORTED
October 17, 2024

RansomHub Ransomware Attack on Instituto de Cultura Puertorriqueña

The Instituto de Cultura Puertorriqueña (ICP), a pivotal institution in Puerto Rico's cultural landscape, has become the latest victim of a ransomware attack by the notorious RansomHub group. This breach, discovered on October 18, has resulted in the exfiltration of approximately 95 GB of sensitive data, posing significant challenges to the ICP's mission of cultural preservation and promotion.

About the Instituto de Cultura Puertorriqueña

Established in 1955, the ICP is the primary governmental body responsible for cultural affairs in Puerto Rico. It plays a crucial role in preserving the island's rich cultural heritage, promoting artistic expression, and developing cultural policies. The ICP organizes events, festivals, and educational programs to enhance public engagement with Puerto Rican culture. As a medium-sized public entity, it relies on government funding and grants to support its initiatives. The ICP's dedication to safeguarding Puerto Rican identity makes it a cornerstone of the island's cultural sector.

Attack Overview

The ransomware attack orchestrated by RansomHub has put the ICP in a precarious position. The attackers have set a deadline of October 24 for the ransom payment, threatening to expose the compromised data if their demands are not met. The breach underscores the vulnerabilities faced by governmental and cultural institutions, which often lack the necessary cybersecurity measures to fend off sophisticated cyber threats.

RansomHub's Modus Operandi

RansomHub, a Ransomware-as-a-Service group, emerged in February and quickly established itself as a formidable player in the cybercrime landscape. Known for its aggressive affiliate model, RansomHub employs double extortion tactics, encrypting data and exfiltrating sensitive information to increase pressure on victims. The group targets high-value sectors, including government entities, leveraging vulnerabilities in unpatched systems and employing phishing campaigns to gain initial access.

Potential Vulnerabilities

The ICP's reliance on digital platforms for cultural promotion and education may have exposed it to cyber threats. As a public entity, it may face challenges in maintaining up-to-date cybersecurity measures, making it an attractive target for ransomware groups like RansomHub. The attack highlights the need for cultural institutions to prioritize cybersecurity to protect their valuable digital assets.

Sources:

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

1
2
3
Let's get started
1
1
2
3
1
1
2
2
3
Back
Next
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.