The Department of Foreign Affairs (DFA) in Ireland has reassured the public that there is no evidence of any breach of its IT systems following claims by a new cyber extortion group. The group, calling itself Mogilevich, announced on Tuesday that it had stolen data from the DFA and was prepared to sell it.
The DFA stated that it was notified by Ireland’s National Cyber Security Centre (NCSC) of a potential cybersecurity incident and is working closely with them to investigate the authenticity of the claims. So far, there is no evidence of any breach in the DFA’s ICT security infrastructure.
Mogilevich also listed three other victims on its extortion site, but these companies have not responded to requests for comment. The group did not provide any evidence to support their claims of breaches against these other companies. Additionally, the amateurish design of Mogilevich’s extortion site and their request for a $1,000 deposit from potential affiliates have raised suspicion about the group’s authenticity.
Fraudulent ransomware gangs, such as Mogilevich, are not uncommon in the cybercrime world. These groups lack the capabilities to access a victim’s network and monetize that access, despite the lowering of barriers in the cybercriminal ecosystem.
As the investigation continues, the DFA and NCSC will address any issues that may arise around information held by the Department.