According to the company, no patron information was compromised in a recent ransomware attack against John R. Wood Christie’s International Real Estate by a cyber gang known as Medusa.
“All of John R. Wood’s customer data resides in third-party solutions,” said President Corey McCloskey. “We had an internal security event where no customer data was present.”
Here’s what you need to know.
What is Medusa claiming in the Naples, Florida ransomware attack?
Medusa announced the attack on its site, claiming it had stolen more than 1 terabyte of Wood data. The gang demanded $2 million from the real estate group in exchange for deleting the stolen data, otherwise they planned to sell the information on the dark web.
This is what researchers from Comparitech, a site that has been covering cybersecurity topics since 2015, say.
“It’s a pretty successful ransomware gang,” said Rebecca Moody, head of research at Comparitech.
Where have similar ransomware attacks occurred in the state of Florida?
The attack reveals an increasingly common threat to companies and agencies with online business activities.
In 2019, the city of Riviera Beach in Palm Beach County agreed to pay a $600,000 ransom to maintain access to data compromised in an attack. In 2023, the St. Lucie County tax collector’s computer system was shut down in another attack. The Palm Beach County Supervisor of Elections in 2020 made public a 2016 ransomware attack. For five years, the city of Naples was defrauded of $700,000 in a spear-phishing cyber attack.
Is the Collier County Sheriff’s Office investigating ransomware cases?
The Collier County Sheriff’s Office does not investigate ransomware cases, but has shared tips from the Federal Trade Commission with the community on the best way to prevent this type of cybercrime.
The FTC warns against clicking links from people you don’t know, which can download viruses to your computer. Businesses should also ensure that they have anti-malware and anti-virus software and that they keep this software up to date.
The Federal Bureau of Investigation suggests having a plan in place in case your business is attacked, and backing up your data regularly to ensure you continue to have access in the event of an attack.
How long has Medusa been hunting corporations and governments?
Moody said Medusa first burst onto the scene in 2019 and has claimed responsibility for at least nine confirmed ransomware attacks over the past year on entities such as a school district in Michigan, a credit union in Indiana and a national healthcare provider that offers dialysis.
The group infiltrates entities through weaknesses in their security software, or hacks into their systems through phishing emails to employees.
“They come in, hang around for a while and then launch the attack,” Moody said.
What is a ransomware attack? How does the crime usually proceed?
As soon as the cyber gang announces its presence and makes demands, the clock starts running. From there, targets have a certain amount of time to pay the ransom to prevent publication or sale of the stolen data.
“By the time they get to the site that seems to be the end of the game, they’ve been hacked,” Moody said. “(The data) will often end up on the dark web, and we don’t really track it further.”
What’s ‘almost taboo’ when it comes to ransomware attacks?
Moody said that target groups do not often publicly share details about the attacks and whether they have paid ransoms, for fear it could leave them vulnerable to repeat attacks.
“It’s almost taboo,” she says. “Companies will often go to great lengths not to admit that they have suffered a ransomware attack.”
How much data does Medusa claim to have stolen from the Collier County firm?
Medusa claimed to have stolen 1.07 terabytes of data last month. According to DropBox, a terabyte can hold up to 6.5 million document pages, 500 hours of HD video, or 250,000 photos.
McCloskey declined to comment on what type of data was compromised in the attack. She did not say whether the group had paid or whether it had reported the breach to authorities. But she added that it followed “specific Florida laws.”
What does Florida law require if a cyber attack occurs?
Florida law requires companies to notify the attorney general’s office within 30 days of a cyberattack, with the possibility of an extension. The same statutes outline the requirements for publicly informing customers.
“As you can probably imagine, this is kind of an internal event that we’re still dealing with,” McCloskey said. That is appreciated, but I would especially like to emphasize that no customer data has been compromised at all.”
Chase Sizemore, the attorney general’s press secretary, said Thursday that the office had been notified of the incident.
Shop: What are Kohl and Five Below’s plans for expansion in SW Florida? What other stores will open?
How can property owners sign up for ‘risk alerts’?
Overall, there has been an increase in real estate scams, especially the fraudulent transfer of deeds or a criminal posing as a buyer or seller and convincing victims to wire money for a down payment, according to the Collier County Clerk of the Circuit Court and Comptroller. office.
The registry has a fraud alert system to check legally recorded documents, such as real estate deeds. While the company admits this won’t stop the scammer, it could help someone learn more about the incident and file a complaint more quickly, reducing the impact.
Only about 5,000 have signed up, and the agency has tried to publicize the program, which can be found at collierclerk.com by clicking on the “risk alert notifications” button.
Resort: Great Wolf Lodge: How many millions of pounds of steel and concrete in Naples? How big?
What tips does the FBI recommend when it comes to cybersecurity?
-
Keep operating systems, software and applications current and up to date.
-
Make sure antivirus and antimalware solutions are set to update automatically and run regular scans.
-
Back up data regularly and double-check that these backups are complete.
-
Secure your backups. Make sure they are not connected to the computers and networks they are backing up.
-
Create a continuity plan in case your company or organization falls victim to a ransomware attack.
Phil Fernandez of the USA TODAY Network contributed to this report.
This article originally appeared on Naples Daily News: SW Florida company hit with $2 million Medusa ransomware attack
