Ransomware group Brain Cipher has claimed responsibility for a cyberattack on dozens of French national museums during the Olympic Games earlier this month. The group has said it will leak 300GB of stolen data, but has not revealed the nature of the information.
Institutions overseen by Réunion des Musées Nationaux – Grand Palais (RMN-GP) were the target of an attack that reportedly saw data stolen from the system the organisation used to “centralise financial data”.
A countdown has been placed on Brain Cipher’s blog post indicating that the leak will occur at 20:00 UTC.
Brain Cipher Group
There have been no reported disruptions to the Olympic events hosted by the institution, including taekwondo and fencing. The organization has confirmed that no operational impact, encrypted systems or extracted data have been detected.
The French cybersecurity agency (ANSSI) confirmed it was aware of the attacks and was providing assistance to RMN-GP. However, it said the incident had no impact on systems related to the Olympics.
The group claiming responsibility for the attack only emerged in June of this year, but has previously attacked a number of sectors, including medical, educational and manufacturing organizations, as well as Indonesian government servers.
The group apologized for the disruption caused by the attack on the Indonesian servers. According to the group, the group acted as a penetration tester and published a decryptor that allowed the recovery of locked files without government pressure.
Researchers believe the group developed its ransomware payload based on the Lockbit 3.0 builder (also known as LockBit Black), which is well-known and easy to deploy, but also easy to detect and mitigate.
Via The register