A Toshiba Corporation subsidiary has said it was hacked by DarkSide, he rogue group that was responsible for the recent ransomware attack on America’s Colonial Pipeline that caused shortages of gasoline and widespread panic buying on the US East Coast.
The $2.3 billion Toshiba Tec Corp, which makes products such as bar code printers, claimed that it had lost only a minimal amount of work data in the cyber attack.
DarkSide’s modus operandi involves double extortion, which involves demanding separate sums for both a digital key needed to unlock any files and servers, and a separate ransom in exchange for a promise to destroy any data stolen from the victim, according to the specialist blog KrebsonSecurity.
"There are around 30 groups within DarkSide that are attempting to hack companies all the time, and they succeeded this time with Toshiba," Reuters news agency quoted Takashi Yoshikawa, a senior malware analyst at Mitsui Bussan Secure Directions, as saying.
Employees accessing company computer systems from home during pandemic lockdowns have made companies more vulnerable to cyber attacks, he added.
Screenshots of DarkSide's post provided by the cybersecurity firm said more than 740 gigabytes of information was compromised and included passports and other personal information.
Ransomware attacks have been on the rise with hackers encrypting data and seeking payment in cryptocurrency to unlock it. They threated to release the secret data that they have stolen unless they are paid more.
DarkSide's site on the dark web even displays gallery of leaked data from victims who haven't paid up, advertising stolen documents from more than 80 companies firms the US and Europe.
DarkSide also has a public relations program which tries to portray it as a Robin Hood group. This is done by inviting journalists to check out its cache of leaked data and claiming that it makes anonymous donations to charity.