Ransomware scum infect Comic Relief server: Internal systems taken down

Nothing funny about stealing from a charity. Comic Relief’s internal systems are down for the third day running after a ransomware attack on one of the charity’s servers on Wednesday.

Sad, disappointed-looking baby. Photo by Shutterstock

Founded in 1985 by comedy scriptwriters, the charity behind the UK’s Red Nose Day telethon took down all of its internal systems in the wake of the attack. An email sent on Wednesday to the charity’s staff from Zennon Hannick, its CTO, confirmed that “there has been a ransomware attack on one of Comic Relief’s servers.”

Staffers were told there would “no access to other external systems such as the internet, Citrix or webmail”.

Workers at the charity were told to work from home if they needed internet access, which is not expected to be available on the premises until lunchtime today.

“[T]he information held on this server has been encrypted and we cannot access it,” Hannick’s email continued.

“However the good news is the files held on this server are only copies of information we hold elsewhere on our network drives. The IT and Data teams along with external specialists are continuing their investigation to ensure we understand all the implications of this attack,” the CTO’s email added.

Comic Relief’s systems are completely unable to access the outside world at the moment, although the team is attempting to put in place security measures to restore such access.

Users’ passwords have all been expired, and users will be requested to provide a new “strong” password which is more than eight characters long, and includes a mix of upper and lowercase letters, special characters and a number.

Neither Citrix nor Comic Relief had responded to The Register‘s requests for comment at the time of publication. We’ll update when we hear more. ®

Updated at 15:43, September 16 to add: A Comic Relief spokesperson said: “Comic Relief is investigating a criminal ransomware attack on a discrete part of our IT network. We have been working with a specialist cyber security company to assess the situation in detail and are taking proactive steps to augment our security.

“The attack appears to have been isolated and at present we have found no evidence that any information or data has been stolen. However, we are continuing to carry out a thorough forensic investigation of all our IT systems to assess the full extent of the situation and are taking additional precautions to protect the security of all the information that we hold.

“Comic Relief has always taken information security extremely seriously and have worked with cyber security experts to ensure we have the most robust systems and security practices in place to protect our network and the information we hold. These systems are rigorously tested and under constant review to ensure that they continue to evolve to respond to ever-changing cyber threats.



About webimprint

Webimprints is the leading company which provides global information security services to the client around the World.
This entry was posted in Cyber Security, Malware, Pruebas de Software and tagged . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s