Now Available!
Join Us On LinkedIn
Join the Cybersecurity and Incident Response Group on LinkedInTo stop the ransomware pandemic, start with the basics | The Economist
Fixing the private sector’s incentives is the first step. Officials in America, Britain and France want to ban insurance coverage of ransom payments, on the ground that it encourages further attacks. Better to require companies to publicly disclose attacks and their potential cost. In America, for example, the requirements are vague and involve large time […]
Bitcoin Is Actually Traceable, Pipeline Investigation Shows – The New York Times
Criminals, often operating in hidden reaches of the internet, flocked to Bitcoin to do illicit business without revealing their names or locations. The digital currency quickly became as popular with drug dealers and tax evaders as it was with contrarian libertarians. But this week’s revelation that federal officials had recovered most of the Bitcoin ransom […]
JBS Paid $11 Million to Resolve Ransomware Attack – WSJ
JBS USA Holdings Inc. paid an $11 million ransom to cybercriminals who last week temporarily knocked out plants that process roughly one-fifth of the nation’s meat supply, the company’s chief executive said. The ransom payment, in bitcoin, was made to shield JBS meat plants from further disruption and to limit the potential impact on restaurants, […]
FBI Director Compares Ransomware Challenge to 9/11 – WSJ
FBI Director Christopher Wray said the agency is investigating about 100 different types of ransomware, many of which trace back to actors in Russia, and compared the current spate of cyberattacks with the challenge posed by the Sept. 11, 2001, terrorist attacks. “There are a lot of parallels, there’s a lot of importance, and a […]
Ransomware attack hits ferry to Cape Cod, Nantucket, Martha’s Vineyard
The Steamship Authority of Massachusetts ferry service fell victim to a ransomware attack Wednesday, the latest cyber assault affecting logistics and services in the United States. The Steamship Authority is the largest ferry service offering daily fares from Cape Cod to neighboring islands Nantucket and Martha’s Vineyard off the coast of Massachusetts, according to the […]
Colonial Pipeline hackers Darkside received $90 million in bitcoin: Report
On Friday, London-based blockchain analytics firm Elliptic said it had identified the bitcoin wallet used by DarkSide to collect ransom payments from its victims. The same day, security researchers Intel 471 said DarkSide had closed down after losing access to its servers and as its cryptocurrency wallets were emptied. DarkSide also blamed “pressure from the […]
Beyond Colonial Pipeline, Ransomware Cyberattacks Are a Growing Threat – WSJ
The cyberattack that knocked offline an essential U.S. gasoline pipeline shows how the dangerous, professional-scale hack-for-ransom threat is spreading rapidly, targeting companies, schools, hospitals and other institutions. While ransomware has been a challenge for small businesses for years, a confluence of factors have emboldened attackers in the past year, culminating in the shutdown Friday of […]
U.S. Pipeline Shutdown Exposes Cyber Threat to Energy Sector – WSJ
The ransomware attack that forced the closure of the largest U.S. fuel pipeline this weekend showed how cybercriminals pose a far-reaching threat to the aging, vulnerable infrastructure that keeps the nation’s energy moving. Colonial Pipeline Co. closed its entire 5,500-mile conduit carrying gasoline and other fuels from the Gulf Coast to the New York metro […]
The Case For and Against Criminalizing Ransomware – Infosecurity Magazine
Earlier this year, the former CEO of the UK National Cyber Security Centre (NCSC), Ciaran Martin, spoke on the ransomware issue, arguing that it is being fuelled because there is no legal barrier to ransomware victims paying and then claiming back the expense on insurance. He argues that this means victims are incentivized to pay […]
Incident response pros seek to prove due diligence after OFAC advisory
Being coerced into paying a large ransomware demand is bad enough. Having to pay a large civil penalty on top of that for transacting with a federally sanctioned cybercriminal group is even worse. Looking to avoid such fines, incident response (IR) experts are advocating for improvements to ransomware response protocols, including additional oversight and demonstrable […]
Acer hacked by ransomware gang demanding $50m ransom | TechRadar
The notorious REvil ransomware gang has reportedly attacked Taiwanese PC vendor Acer, demanding a $50 million ransom of cryptocurrency Monero to decrypt its computers. Working with a malware intelligence analyst from Malwarebytes, cyber-intelligence news site The Record, was able to track down a portal operated by the REvil gang that clearly spells the ransom, which […]
Hacker Claims to Have Stolen Files Belonging to Prominent Law Firm Jones Day – WSJ
“We have over 100 gigabytes of data,” the hacker wrote in response to an email from the Journal. The hacker, in the Journal’s correspondence, said it first reached out to Jones Day management on Feb. 3 and informed the firm that its network had been hacked and that data had been stolen. As of Tuesday, […]
Former UK Cybersecurity Chief Says Laws Needed to Stop Ransomware Payouts
“In the last year, experts are saying this is close to getting out of control,” said Martin. “You have to look seriously about changing the law on insurance and banning these payments, or at the very least, having a major consultation with the industry”. Source: Former UK Cybersecurity Chief Says Laws Needed to Stop Ransomware […]
Panelists Discuss Their “One Big Thing” for Incident Response Forum Ransomware 2021
Incident Response Forum Ransomware 2021 panelists offer their “One Big Thing” to take away from this year’s event.
A Proposed 2021 Biden Ransomware Crackdown | LinkedIn
But the situation is not as hopeless as it seems. Crucial to any successful ransomware scheme is collecting the ransom in pseudo-anonymous cryptocurrency, typically bitcoin. Stop the flow of bitcoin and ransomware attackers will have no means to anonymously, conveniently, expeditiously and securely collect their extortion demand. But how?The answer is simple. By using the effective and novel […]