Cyber expert weighs in on CommScope ransomware attack

Earlier this week, the Hickory-based fiber optic cable manufacturer said they were looking into these claims while also emphasizing they had seen no indication that client information has been compromised.

Brett Callow, a Canadian-based threat analyst with the firm Emsisoft, confirmed the hacker group Vice Society has posted a link to information purportedly taken from CommScope on the dark web, the part of the internet which is inaccessible by search engines and is often used by cybercriminals.

What exactly that data is, Callow can’t say.

“I don’t access the data in these cases,” Callow said. “I have no reason to further invade people’s privacy.”

Online newspaper TechCrunch has reported the information includes employee information such as Social Security numbers and bank information.

Callow said he does not know who is behind the Vice Society hacking group but said they appear to have formed in 2021 and have targeted institutions such as schools but seem to now have moved on to larger organizations.

Callow also discussed how these attacks typically play out. Generally, he said, the hackers will infiltrate an organization’s system, copy data and then lock the organization’s system until they make good on the ransom.

“The ransom they demand then covers two parts: providing a key to unlock the computers and a pinkie promise that the stolen data will be destroyed,” Callow said.

While it is possible attackers may release the data even if a ransom is paid, Callow said the fact that data from CommScope has apparently been leaked online strongly suggests the company did not pay a ransom.

If so, that’s the right call, he said. While some organizations may have difficulty regaining access to their systems following an attack, Callow said…