Are they not understanding the aftermath of hacking?
The article released by us on Monday about “Stormous Ransomware” Group is targeting the Indian companies, contained the list of websites targeted by the group. Those organizational websites were chosen through an open poll conducted by this group, and we had brought up those list in the article.
Shockingly we could see that those targeted websites are Compromised Successfully. We have collected evidence of the compromised websites are updated in this article for our readers’ reference.
The Hacked Index HTML Page of the Website:
The Removed Index HTML page of the website:
The Hacked Home page of the Organization:
Another Homepage hacked by the Attackers
If any of the undermined organizations are having troubles or doubts in solving the aftermath or in protecting their information, we are providing adequate quick fixes and elucidation for the same.
As a Security researcher, we understood the lack of knowledge in various industries. Hence, we tried intimidating the compromised organization through their e-mails to help them / guide about the remediations that could be performed on these critical situations. Surprisingly, we haven’t heard back from them and if you would like to know how to react on these situations , kindly Reach Us
Global Recommendations for Organizations
- Vulnerabilities are to be assessed and closed beforehand – In-Depth VAPT Approach
- Vigilance towards organization is to be improved to protect the complete CIA Triad
- Evaluate and Understand the RISK of your information security portfolio
- Input Validation and other Attacks should be validated for all pages in the website
- Plug-ins used on the website, should be scrutinized for any vulnerability issues
Funny side, still some of the organization not aware they have been hacked and the compromised pages still exist
Payment Gateway Systems, Education Industries, Manufacturing Units, Financial Institutions and Banking is compromised and we don’t know the amount of the compromised data exfiltrated by the attackers which are PII & PCI data.
Get up and Understand the importance and Value of DATA. More attacks to come, if you don’t react even now, then no one can safeguard the organization until unless you take security as your one of core business requirement