Vice Society Claims Responsibility For New Ransomware Attack

21th January 2022


Ransomware group, Vice Society, has claimed responsibility for another ransomware attack, this time on Durham Johnston School.

Personal data of children and teachers have been leaked on the dark web, the section associated with criminality.

The school confirmed that they had suffered a cyberattack but have since restored system functionality and are working with the authorities to determine how the group accessed the data.

The Durham County Council is currently investigating the attack with forensic support from the National Crime Agency. The investigation could take weeks to complete.

What other attacks has Vice Society carried out?

This is not the first time Vice Society has been responsible for attacking an organisation’s systems and holding their data hostage. The same group was responsible for the cyberattack on the Spar retail chain where over 600 stores were shut down.

Vice Society had orchestrated several ransomware attacks on other institutions in the past. For example, the group launched similar attacks on a Brazilian dental company and a Colombian university in late December 2021 - the same week they launched the Spar ransomware attacks.

In May of last year, Vice Society also leaked data from Eskenazi Health – a public health provider based in Indianapolis – and launched another attack on New Zealand's Waikato District Health Board, exposing sensitive medical data.

Vice Society's activity speaks to a growing problem within the cybersecurity space: that ransomware attacks are on the rise and have been so for the last few years.

Threat intelligence reports revealed that the number of organisations falling victim to ransomware groups such as Vice Society has hit an all-time high. With the pandemic disrupting business operations and stretching vendor security to its limits, ransomware groups have become more aggressive and emboldened in their cyberattacks, leaving organisations more vulnerable than ever before.

Last year was the most dangerous and costly year for ransomware attacks, with over 500 million attempted ransomware attacks logged by September 2021.

If organisations are to protect their network from ransomware attacks, they need to re-examine their security systems and ensure they are up-to-date to prevent such attacks in the future.

What does this mean for cybersecurity?

The attack by the Vice Society on Durham Johnston School is a sign that all organisations, regardless of size or industry, must invest in advanced security systems to prevent ransomware attacks in the future.

Proper cybersecurity defences would encompass real-time platforms for better attack surface monitoring, training for staff, and a robust cybersecurity plan for establishing the most appropriate response protocol to mitigate cyberattacks.