HCL and Intel offer Data Trust Shield for Cloud Environments CyberVolk ransomware details

HCL and Intel Join Forces to Safeguard Data in Cloud Environments

As cloud environments continue to evolve as the backbone for modern digital infrastructure, they simultaneously become prime targets for cybercriminals. These malicious actors often aim to either steal sensitive data or deploy malware for their own gain, threatening the security and integrity of cloud-based systems. In response to these growing concerns, HCL Technologies, in partnership with Intel, has introduced an innovative security solution designed to enhance data protection in cloud environments. The service, named Data Trust Shield, integrates cutting-edge technologies from Intel, including its Trust Domain Extensions (TDX) and Intel Trust Authority, to offer advanced protection for data stored in and transmitted through the cloud.

The Data Trust Shield service was initially tested within the Google Cloud environment and successfully integrated with hyperscalers—advanced cloud computing platforms that combine data storage, big data analytics, machine learning, and robust networking capabilities. This integration is especially crucial for meeting the complex needs of enterprise-level data centers, where secure and reliable data protection is paramount.

Intel has publicly stated that the collaboration with HCL introduces a new level of trust for cloud users. The combination of Intel’s TDX and Trust Authority ensures that sensitive information remains secure, even as it moves across various cloud services and infrastructures. By leveraging Intel’s hardware-based security solutions, this partnership seeks to provide businesses with greater confidence in their cloud operations, knowing that their data is safeguarded from evolving cyber threats.

This initiative is expected to set a new standard for securing cloud environments and provide a vital tool in the ongoing battle against cybercriminals targeting businesses and organizations across various industries. With data breaches and cyberattacks on the rise, HCL and Intel’s Data Trust Shield offers a comprehensive, scalable solution that helps mitigate the risks associated with storing and transmitting sensitive data in the cloud.

CyberVolk Ransomware Group Targets Entities Opposing Russian Interests

A newly identified cyber threat group known as CyberVolk is making headlines for its targeted ransomware attacks. This group, which has emerged in the cybercrime scene with a specific political agenda, is focusing its efforts on organizations that are vocal in their opposition to Russian actions, particularly those related to the ongoing war in Ukraine.

According to a detailed analysis by cybersecurity firm SentinelOne, CyberVolk is believed to have ties to India and has been actively attacking businesses in countries such as Japan, France, the UK, and the United States. The group’s operations primarily revolve around deploying ransomware to encrypt the files of targeted entities, demanding payment in cryptocurrency to release the encrypted data.

In its previous operations, CyberVolk, also known as Gloriamist, had been known for its quick ransom demands—typically asking for $1,000 worth of cryptocurrency within a five-hour window from the initial compromise. However, recent reports suggest that the group’s leader, known as Hacker-K, has modified its tactics. Rather than demanding rapid payment, CyberVolk now waits up to two weeks for the victim to settle the ransom. If the victim fails to comply within this time frame, the stolen data is then auctioned off on the dark web, potentially exposing sensitive information to further exploitation.

While it remains unclear whether CyberVolk has any direct affiliation with well-known ransomware groups such as Lockbit or with the Russian government’s cyber operatives, there are suspicions that they could be operating as a service provider for the Russian military intelligence agency GRU. This theory is based on the group’s focus on attacking organizations that oppose Russian geopolitical interests.

Another notable shift for CyberVolk is its departure from prior alliances with other hacktivist groups like Anonymous Sudan and NoName057(16). These associations were once characterized by coordinated Distributed Denial of Service (DDoS) attacks, but CyberVolk has now distanced itself from these tactics. Instead, it has pivoted exclusively to launching file-encrypting ransomware attacks, targeting critical sectors such as gaming, energy, healthcare, and finance. This strategic shift suggests that CyberVolk is narrowing its focus on disrupting high-value industries that could generate significant financial returns or geopolitical leverage through stolen data.

As CyberVolk’s operations continue to evolve, it is clear that the group is positioning itself as a major player in the ransomware landscape, with a politically charged agenda and a growing list of targets. The cybersecurity community will need to stay vigilant in tracking the group’s activities, as its attacks are likely to have far-reaching implications for global cyber resilience.