We don’t negotiate with cyber criminals, says Vumacam
Video management provider Vumacam has refused to pay ransom to cyber criminals who breached its IT systems.
Local tech publication MyBroadband first reported yesterday that the company had been hit by a ransomware attack.
In a statement to ITWeb, Vumacam says it is aware of a “breach in a low security internal system”.
The breach did not, however, impact critical, personal or sensitive data, and was remedied immediately.
It adds the breach did not affect business continuity and “we stand firm in our stance that we do not negotiate with criminals or criminal groups”.
Founded in 2017, Vumacam is an independent private company formed through a joint venture between Vumatel and Imfezeko Holdings.
It deploys hi-tech cameras across suburbs on a fibre network. The company provides security providers or monitoring customers with access to CCTV surveillance footage in public spaces in an agreed area.
Following the cyber attack, the firm says it was contacted with a ransom demand. “However, [the company] does not negotiate with extortionists in any way and the breach accessed only information that is publicly available and not data that was classified as private or sensitive in any way.
“Our systems are designed with multiple layers of security and data segregation, which ensured the breach was contained, and no classified or private data was accessed.”
Vumacam adds it is constantly vigilant against potential attacks on its systems, and regularly tests all external-facing systems for risk.
“Cyber security and data privacy is of the utmost priority for Vumacam,” says CEO Ricky Croock.
“The breach has not been in any protected or data-sensitive area of our systems. While we condemn the criminality of this event, it is reassuring that our systems are robust, and our security measures performed as they should.”
IBM Security’s annual X-Force Threat Intelligence Index recently found that although ransomware’s share of incidents in the Middle East and Africa (MEA) held steady at 18%, globally defenders were more successful detecting and preventing ransomware.
Despite this, IBM says attackers continued to innovate, with the report showing that globally the average time to complete a ransomware attack dropped from two months down to less than four days.
According to the 2023 report, the deployment of backdoors, which allow remote access to systems, emerged as the top action by attackers in the MEA region last year.
Backdoor deployments were detected in 27% of the cases X-Force responded to in this region in 2022.
IBM explains that ransomware and worms tied for the second-most common attack type in the region at 18% each.