Coca-Cola, the largest soft drink manufacturer, has confirmed in a recent statement that the company’s networks were targeted, and an inquiry into this attack has been initiated.
Coca-Cola announced this week that it is looking into a possible security breach by Stormous. As the group shared on its Telegram channel, it claims to have hacked into one of the company’s servers and stolen sixteen GB worth of information. Stormous apparently seeks sixteen million bitcoin from Coca-Cola in exchange for the data, which it then sells on the dark web for $64,000.
In reaction to the allegations, Coca-Cola vice president of communications Scott Leith said, “We are aware of the situation and are researching to evaluate the claim’s truth.” Some of the information listed includes compressed documents, text files containing administrator (admin) email addresses and passwords, company ledgers, payment zip files, and other sensitive data.
About the Stormous Gang
Although they say they are a ransomware group, there’s no evidence that they’ve used file encryption malware on their victims’ networks.
Stormous, which is more of a data extortion group, has announced that it will fight Russian hacking following Russia’s invasion of Ukraine.
It’s the first time the Stormous gang has made the stolen data public. The group held a poll among its followers in the last week to determine who they would target for their next attack. Coca-Cola “won” the vote with 72 percent of the votes.
The group claimed they were able to breach the company’s security in the span of only a few days. The attack techniques listed include denial-of-service attacks, hacking, and leaking software source code and clients’ data.
It is important to mention that in the poll conducted by Stormous, Coca-Cola and other affected companies opted to take an anti-Western stance.
The gang claimed that they had previously attacked Epic Games. They claim to have snatched 200GB of information and data from the 33 million people who use Epic Games, Epic stores and gaming. However, the authenticity of these claims hasn’t been verified, and the assertions by Stormous are yet to be confirmed.
According to Maor, this type of hacking is known as scavenging. Maor claimed that they wouldn’t be the first to perform this scavenger hunt, where they grab stuff that’s already out there.
This isn’t a new strategy, according to Chris Morgan, a senior cyber threat intelligence analyst at security firm Digital Shadows. According to Morgan, “some analysts have claimed that many of their attacks are either fake or that the group exacerbates its claims. This is not uncommon for cybercriminal organisations, which frequently decorate the details of their activity in order to intimidate victims into paying a ransom.”
Morgan says it’s possible Stormous is involved in scavenging; however, there’s a shortage of evidence to support this.
The gang’s name and the size of their latest victim suggest that the Coca-Cola hacking claims are not true, according to Allan Liska, cybersecurity incident response team head for Recorded Future: “There is a lot of skepticism around Stormous and this attack in particular.” Liska says that, looking at the bigger picture, this amount of data (161GB) is not a lot for a group that supposedly had access to Coca-Cola’s corporate network and could exfiltrate data unfettered.
Liska says that Stormous is referred to as “a bit of a clown show”; however, Liska warns: “That doesn’t mean they did not succeed in executing the plot; it’s possible. But I’m sure that most researchers will require further proof before taking the group at their word.”
The Coca-Cola Company has yet to verify whether or not the data was stolen. Speaking with the media, the company’s CEO said that the company is now working closely with law enforcement officials to investigate the Stormous group attack. So far, the attack has not demonstrated any major negative effect.
Nowadays, companies of all sizes and across all industries face the ever-growing risk of ransomware attacks. Storage systems might appear to have nothing to do with a company’s cybersecurity strategy and procedures; however, they could be the most effective defense. Features of virtual machine (VM) backup, such as being easy to manage, affordable and storage-friendly, make it vital for shielding sensitive data from a ransomware attack, and help create an unbreakable cloud storage system for enterprise data centers and effectively stop ransomware attacks. The most popular VM backup solutions include VMware Backup, XenServer Backup, oVirt Backup, etc.