Water for People, a nonprofit that aims to improve access to clean water for people whose health is threatened by a lack of it for drinking and sanitation, is the latest organization to have been hit by ransomware criminals.
The ransomware-as-a-service gang Medusa listed Water for People on its darknet site Thursday night, threatening to publish stolen information unless the nonprofit pays a $300,000 extortion fee.
The attack follows the nonprofit receiving a $15 million grant from MacKenzie Scott, the billionaire ex-wife of Amazon founder Jeff Bezos.
There is no evidence that Water for People was specifically targeted because of this donation.
The organization operates in nine different countries, from Guatemala and Honduras in Latin America, to Mozambique in Africa and to India, and aims to improve water access for more than 200 million people over the next eight years.
It is not the first time the Medusa gang's activities have impacted an organization associated with water provision, although the gang and its affiliates appear to work opportunistically, according to new analysis by Palo Alto Networks' Unit 42.
Last year, an Italian company that provides drinking water to nearly half a million people was hit by the gang.
Back in 2021, U.S. law enforcement agencies said ransomware gangs in general had hit five water and wastewater treatment facilities in the country - not including three other widely reported cyberattacks on water utilities.
Despite the financial insecurity of many organizations in the nonprofit and NGO sector, most of which depend on donations to operate, it has not been immune to attacks from ransomware groups.
Last September, Save the Children International confirmed being hit by a cyberattack following a ransomware group's claims to have breached the organization's systems.
Unit 42's data - based on posts made to the gang's extortion site - suggests the nonprofit sector was as regularly hit by Medusa as the media, entertainment and agriculture industries.
According to the British data protection regulator's security incident trends data, the charitable and voluntary sector in the United Kingdom has reported more than 100 ransomware incidents since 2020.
The sector has also been targeted by state-sponsored hackers in incidents where the NGO was deemed to be working on politically sensitive issues, such as the attack on human rights organization Amnesty International Hong Kong in 2019.
The Medusa ransomware gang last year claimed to have stolen data from Toyota Financial Services.
The group gave the company 10 days to pay an $8 million ransom.
He was previously a technology reporter for Sky News and is also a fellow at the European Cyber Conflict Research Initiative.
This Cyber News was published on therecord.media. Publication date: Fri, 12 Jan 2024 19:50:17 +0000