Symantec, a division of technology firm Broadcom, said Thursday that it identified a string of ransomware attacks against American corporations, including eight Fortune 500 companies, in what appeared to be an effort to demand millions of dollars in ransom.
Continue Reading Below
The company said it alerted customers about the attacks, which featured hackers attempting to deploy the WastedLocker ransomware onto networks to cripple each company's IT infrastructure.
"The attackers had breached the networks of targeted organizations and were in the process of laying the groundwork for staging ransomware attacks," a Symantec blog reads.
At least 31 organizations were attacked, the company said, adding the figure could be much higher.
The end goal of the breaches is to encrypt the ransomware on computers and servers to set the stage of a multimillion-dollar ransom demand.
WastedLocker has been attributed to "Evil Corp," a cybercrime outfit responsible for the development and distribution of the Dridex malware. Two Russians were indicted last year in connection with using the ransomware to extort millions in alleged hacking and banking fraud offenses.
The attacks discovered by Symantec were spotted on a number of customer networks, it said.
"This discovery enabled us to identify further organizations that had been targeted by WastedLocker and identify additional tools, tactics, and procedures used by the attackers, helping us to strengthen our protection against every stage of the attack," the blog said.
All but one of the targeted companies are based in the United States. The other is a U.S.-based subsidiary of an overseas multinational company.
"Had the attackers not been disrupted, successful attacks could have led to millions in damages, downtime, and a possible domino effect on supply chains," Symantec said.