- How Did the Attack Unfold?
- Who Are the Dark Angels?
- Consequences for Cencora
Pharmaceutical giant Cencora faced a significant cybersecurity breach and record-breaking Bitcoin ransom payment. The incident came to light through Bloomberg reports and cybersecurity experts' insights. These events underscore the growing threat posed by ransomware attacks.
How Did the Attack Unfold?
The attack occurred in February, when hackers accessed sensitive information, including clients' personal and medical data. In March, Cencora paid $75 million in three separate transactions to the Dark Angels group. This payment set a new record, surpassing the previous high of $40 million paid by CNA Financial in 2021. The transaction was confirmed by Chainalysis, emphasizing the increasing frequency and cost of such ransom demands.
Who Are the Dark Angels?
The Dark Angels are known for high-stakes cyber extortions. Their operations involve demanding large sums of cryptocurrency, relying on the anonymity digital transactions offer. According to Charles Carmakal, CTO of Mandiant Consulting, while large payments like these are rare, they occur without public acknowledgment, suggesting more undisclosed incidents.
— $75 million paid in Bitcoin, a record-breaking ransom. — Attackers accessed personal and medical data in February. — Cencora’s payment exceeded CNA Financial’s $40 million in 2021. — Average ransom payments have increased to $1.5 million by June. — Total ransom payments in 2023 have reached $1 billion.
Consequences for Cencora
Renowned crypto crime investigator ZachXBT identified the Bitcoin addresses used in the transactions, which were spread across three installments in March. This disclosure shed light on the attackers’ operational methods and highlighted gaps in public transparency regarding such incidents. The funds were traced to addresses associated with illegal activities, raising concerns over the use of cryptocurrencies to facilitate cybercrime.
Cencora’s experience reflects the increasing sophistication of cybercriminals and the growing challenges faced by major corporations. Transparency and enhanced cybersecurity measures are critical to safeguarding sensitive data and preventing future breaches.
The Cencora incident underscores the growing threat of cybercrime and the need for increased cybersecurity measures to protect sensitive information.
