A concerning ransomware attack has targeted Popular Life Insurance Co. Ltd., one of the most prominent public service companies in Bangladesh, according to the Bangladesh Cyber Security Intelligence (BCSI) threat intelligence team. The attackers, identified as the “Sarcoma” ransomware group, have issued a five-day ultimatum, threatening to expose the stolen data unless their demands are met. The exact ransom amount remains undisclosed.
“Sarcoma” is an emerging threat actor group that was first detected on October 10, 2024, and has swiftly made a name for itself in the cybercriminal landscape. Employing a double-extortion tactic, they not only encrypt the victim’s data but also steal sensitive information to intensify pressure on organizations to comply with their demands. With 46 victims reported so far, Sarcoma has already climbed into the ranks of the top 10 ransomware groups globally. Notable targets include ADT Freight Services Australia Pty Ltd, further establishing Sarcoma’s reputation for targeting major organizations.
The BCSI Threat Intelligence Team reports that approximately 36GB of data, including attachments and SQL files, has been stolen. However, the specifics of the leaked information remain unclear. There are concerns that the breach could include Personally Identifiable Information (PII), raising alarm over potential misuse.
The attack highlights a troubling trend: cybercriminals are becoming more sophisticated, deploying advanced tactics, techniques, and procedures (TTPs). For organizations like Popular Life Insurance Co. Ltd., this underscores the importance of robust cybersecurity measures. The negligence in safeguarding sensitive data has not only compromised organizational information but also potentially exposed individuals’ PII.
The Broader Implications
The rise of groups like Sarcoma signals an evolving threat landscape where no organization is safe. Their growing notoriety and advanced strategies demand immediate action from organizations worldwide to strengthen their defenses. Failure to address these vulnerabilities could lead to further breaches, financial loss, and erosion of public trust.