BlackSuit Ransomware Gang Claims Major Attack on KADOKAWA Corporation

Cyberattack on Japanese Media Giant KADOKAWA

The BlackSuit ransomware gang has recently claimed responsibility for a cyberattack on KADOKAWA Corporation, a prominent Japanese media conglomerate known for its subsidiaries in the film, publishing, and gaming industries, including FromSoftware, the developer of Elden Ring. This attack has significantly disrupted KADOKAWA's operations.

Impact and Initial Response

The attack, which occurred on June 8, led to service outages across multiple websites of the KADOKAWA Group, including the popular Japanese video-sharing platform Niconico. The incident impacted most of the company's and its subsidiaries' operations as they were hosted in the same data center and encrypted by ransomware. Since then, KADOKAWA has been actively updating the public on the status of the cyberattack and its impact on their infrastructure.

Current Status and Recovery Efforts

As of the latest update, KADOKAWA's operations remain significantly impacted, with all Niconico services still suspended. The company is focused on building a secure network and server environment to restore its operations. The top priority is to restore accounting functions, which are crucial to their business activities, and normalize manufacturing and distribution functions in the publication business, which generate considerable revenue. KADOKAWA expects the accounting functions to be restored by early July, using analog measures where necessary.

BlackSuit Ransomware Gang's Involvement

While KADOKAWA confirmed that they were hit by a ransomware attack, they did not initially disclose the responsible party. Recently, the BlackSuit ransomware gang claimed responsibility by adding KADOKAWA to their data leak site and publishing a small sample of the stolen data. The threat actors have warned that they will publish all the stolen data on July 1 if the ransom is not paid. This data includes contacts, confidential documents, employee data, business plans, and financial data.

Background on BlackSuit Ransomware Gang

The BlackSuit ransomware operation, launched in May 2023, is believed to be a rebrand of the Royal ransomware operation. The group is thought to consist of members from the now-defunct Conti cybercrime syndicate, an organized gang of Russian and Eastern European threat actors. In November 2023, the FBI and CISA linked this ransomware operation to attacks on at least 350 organizations worldwide since September 2022, with ransom demands exceeding $275 million. Recently, BlackSuit conducted a high-profile attack on CDK Global, causing massive disruptions to car dealerships across North America.

Strategic Importance of Cybersecurity Measures

This incident underscores the importance of robust cybersecurity measures, including stolen credentials detection, darknet monitoring services, dark web surveillance, compromised data tracking, digital footprint analysis, brand protection, brand impersonation defense, online risk evaluation, and digital threat scoring. These measures are crucial in protecting organizations from sophisticated cyber threats and mitigating the impact of such attacks.

Conclusion

The recent cyberattack on KADOKAWA Corporation by the BlackSuit ransomware gang highlights the persistent and evolving threats that major organizations face from sophisticated cybercriminals. The significant disruption to KADOKAWA's operations and the ongoing threat of data exposure underline the critical need for robust cybersecurity strategies. By implementing comprehensive measures such as stolen credentials detection, darknet monitoring services, and digital threat scoring, organizations can better protect their assets and maintain operational integrity. The KADOKAWA incident serves as a stark reminder of the importance of staying vigilant and proactive in the ever-changing landscape of cyber threats.

About Foresiet!

Foresiet is the pioneering force in digital security solutions, offering the first integrated Digital Risk Protection SaaS platform. With 24x7x365 dark web monitoring and proactive threat intelligence, Foresiet safeguards against data breaches and intellectual property theft. Our robust suite includes brand protection, takedown services, and supply chain assessment, enhancing your organization's defense mechanisms. Attack surface management is a key component of our approach, ensuring comprehensive protection across all vulnerable points. Compliance is assured through adherence to ISO27001, NIST, GDPR, PCI, SOX, HIPAA, SAMA, CITC, and Third Party regulations. Additionally, our advanced antiphishing shield provides unparalleled protection against malicious emails. Trust Foresiet to empower your organization to navigate the digital landscape securely and confidently.