{"id":7659,"date":"2022-07-12T17:13:19","date_gmt":"2022-07-12T15:13:19","guid":{"rendered":"https:\/\/www.retarus.com\/blog\/en\/forensics-carinthia-blackmailers-got-in-via-phishing-mail"},"modified":"2024-05-07T11:20:26","modified_gmt":"2024-05-07T09:20:26","slug":"forensics-carinthia-blackmailers-got-in-via-phishing-mail","status":"publish","type":"post","link":"https:\/\/www.retarus.com\/blog\/en\/forensics-carinthia-blackmailers-got-in-via-phishing-mail\/","title":{"rendered":"Forensics: Carinthia blackmailers got in via phishing mail"},"content":{"rendered":"\n
The Austrian state of Carinthia made headlines in May this year when it fell victim to a ransomware attack. In the meanwhile, the forensic investigations have been concluded. Once again, it was a phishing email that paved the way for the hackers.<\/p>\n\n\n\n
According to a report on \u201cFuturezone\u201d<\/a>, the \u201cBlack Cat\u201d ransomware gang already sent the phishing mail back in April and gained access to at least 250 gigabytes of data. Part of this data was later made public after Carinthia refused to pay the digital ransom demanded by the attackers. Some data may also have been sold on the darknet.<\/p>\n\n\n\n The forensic analysis was carried out by an external consultant, who came to the conclusion that the attackers had access to only one file server. \u201cClosed systems\u201d containing sensitive data were not compromised at any stage \u2013 although one might actually expect \u201cinvoices, COVID test results and emails from state governor Peter Kaiser (SP\u00d6) and other government officials\u201d to be considered sensitive enough.<\/p>\n\n\n\n By the way, the Carinthian<\/a> IT systems are still not fully operational. Only 100 of the state\u2019s 124 systems were functioning properly last Friday, according to the state press office.<\/p>\n\n\n\n This incident again underscores that nowadays safeguarding the organization\u2019s email communication and providing email security awareness training for staff need to be considered fundamental, essential aspects of any IT security strategy. Part of their comprehensive Email Security<\/a> portfolio, Retarus\u2019\u00a0Secure Email Platform<\/a>\u00a0includes a powerful phishing filter, while its gateway concept means that the service can be employed both independently or as a highly effective complement to the security functions offered by packages such as Microsoft 365 or Google Workplace.<\/p>\n\n\n\n