Feds Warn of Ransomware Attacks Ahead of Labor Day Though lots of people might be taking some time off over the Labor Day weekend, threat actors likely won’t — which means organizations should remain particularly vigilante about the potential for ransomware attacks, the federal government has warned. Citing historical precedence, the FBI and CISA put out […]

Given that, companies also need to carefully consider their ability to respond and recover from a ransomware incident. While the key component of recovery is maintaining and testing backups of critical data, one aspect of recovery that’s often overlooked is having access to the stored packet data from the lead-up and ransomware attack itself. High-quality […]

For these and other reasons, organizations are increasingly opting for cyber insurance coverage and paying higher premiums year after year. According to the U.S. Government Accountability Office, the number of companies opting for cybersecurity coverage grew from 26% in 2016 to 47% in 2020, and most saw breach insurance premiums increase by up to 30%. Given […]

Industrial Cybersecurity: Efficiently secure critical infrastructure systems

If you like a touch of irony in your cybersecurity news, then this has been the week for it. Yesterday, we wrote about an exploitable security hole… …inside a hacking tool that helps you exploit security holes. Today, we’re writing about a ransomware-related data breach that leaked organisational information… …from inside a ransomware group. And if […]

Ransom negotiation protocol checklist First and foremost, before communications can begin, you need to determine if legal engagement with the threat actor is possible. How? An OFAC (Office of Foreign Assets Control) check must be run to see whether any data (i.e., IP addresses, language, system access, etc.) or metadata is associated with an entity that has […]

Governments and law enforcement hate it when ransomware victims pay the blackmail demands that almost always follow a ransomware attack, and you can understand why, given that today’s payments fund tomorrow’s cybercriminality. Of course, no one needs to be told that. Paying up hurts in any number of ways, whether you feel that hurt in your […]

Just a few years ago, you may never have heard of ransomware. Nowadays, it’s a £10 billion-a-year industry and considered one of the biggest threats facing organizations, schools and essential services. Dozens of ransomware cases are reported each month, with companies locked out of their files and facing extortionate demands. The current going rate for decryption keys is […]

Admittedly, this does lead to doomsday scenarios offered up by authors on the multitude of platforms sharing doomsday scenarios, with weak attribution included to suit their own narrative. While commentary on the impact of such a scenario is generally to be welcomed, the focus of attribution remains. Recent events have introduced the world at large […]

AXA’s branches in Thailand, Malaysia, Philippines and Hong Kong have been hit by a ransomware attack, with hackers claiming they have accessed more than 3-terabytes of sensitive data.  Included in that trove of data, according to the hackers, are customer medical reports – which is also said to expose their sexual health problems – as […]

It might seem logical to try to negotiate the ransom demand down to an amount that isn’t going to break the bank but would still be enough to satiate cybercriminals’ thirst for cash. Unfortunately, this isn’t a good idea, because negotiations can backfire and even cause ransomware gangs to increase their ransom demands. This recently […]

One of the biggest cities in the US  by population size, the City of Tulsa, was victim of a ransomware attack that affected its government’s network and forced the shutdown of official websites over the weekend. Shortly after the attack, that took place Friday night, the city issued a statement to inform that no customer […]

A task force of 60+ experts from industry, government, nonprofits, and academia calls on the US and allies to take steps to fight a surge in ransomware attacks  A task force of more than 60 experts from industry, government, nonprofits and academia is urging the U.S. government and global allies to take immediate steps to stem a growing global […]

When it comes to all the various types of malware out there, none has ever dominated the headlines quite as much as ransomware. Sure, several individual malware outbreaks have turned into truly global stories over the years. The LoveBug mass-mailing virus of 2000 springs to mind, which blasted itself into hundreds of millions of mailboxes within a few […]

When IT and security professionals plan how to respond, they must not underestimate the degree to which many of the transformative changes to our working patterns enacted due to COVID-19 have already changed our risk of ransomware attacks. After the first “shelter in place” orders were issued, many organizations swung into action to accommodate work-from-anywhere policies. The […]

It’s three weeks since the word HAFNIUM hit the news. The word Hafnium refers to a cybergang who are said to focus on stealing data from pretty much anyone and everyone they can infiltrate, across an eclectic range of industry sectors, and this time they hit a sort-of cybercrime jackpot. The Hafnium crew, it turned out, not only knew […]

A new report has emerged stating that average ransomware payments jumped by more than 171% in 2020, suggesting that cybercriminals have benefitted from an extremely lucrative period throughout the pandemic.  The numbers come from Palo Alto Networks, who noted an 171% increase in ransomware payments from organisations and individuals that had been hit by the […]

Group-IB published a report titled “Ransomware Uncovered 2020-2021”. analyzes ransomware landscape in 2020 and TTPs of major threat actors. Group-IB, a global threat hunting and adversary-centric cyber intelligence company, has presented its new report “Ransomware Uncovered 2020-2021”. The research dives deep into the global ransomware outbreak in 2020 and analyzes major players’ TTPs (tactics, techniques, and procedures). By the […]