June 27, 2024 at 07:06PM
The BlackSuit ransomware gang cyberattacked KADOKAWA corporation, demanding ransom in exchange for not publishing stolen data, which includes employee details, financial information, and business plans. The Japanese media conglomerate’s operations, including Niconico services, continue to be impacted. BlackSuit, a rebrand of the Royal ransomware operation, has been linked to numerous global attacks.
Based on the meeting notes, I have extracted the following key information:
1. The BlackSuit ransomware gang has claimed responsibility for a cyberattack on KADOKAWA corporation and is threatening to publish stolen data unless a ransom is paid.
2. KADOKAWA is a Japanese media conglomerate that operates in film, publishing, and gaming industries, including FromSoftware.
3. The cyberattack on June 8 caused extensive service outages and disruption to operations, particularly impacting the Niconico video-sharing platform.
4. KADOKAWA is working on building a secure network and server environment, with a focus on restoring accounting functions and normalizing manufacturing and distribution functions in the publication business by early July.
5. The BlackSuit ransomware operation is a rebrand of the Royal ransomware operation and is believed to be linked to the now shutdown Conti cybercrime syndicate, comprised of Russian and Eastern European threat actors.
6. The FBI and CISA have warned about the ransomware operation’s links to attacks on over 350 organizations worldwide and more than $275 million in ransom demands.
7. Most recently, BlackSuit conducted an attack on CDK Global, causing massive disruption to car dealerships throughout North America.
Please let me know if you need further details or analysis.