Now Available!
Join Us On LinkedIn
Join the Cybersecurity and Incident Response Group on LinkedInU.S. Pipeline Shutdown Exposes Cyber Threat to Energy Sector – WSJ
The ransomware attack that forced the closure of the largest U.S. fuel pipeline this weekend showed how cybercriminals pose a far-reaching threat to the aging, vulnerable infrastructure that keeps the nation’s energy moving. Colonial Pipeline Co. closed its entire 5,500-mile conduit carrying gasoline and other fuels from the Gulf Coast to the New York metro […]
The Case For and Against Criminalizing Ransomware – Infosecurity Magazine
Earlier this year, the former CEO of the UK National Cyber Security Centre (NCSC), Ciaran Martin, spoke on the ransomware issue, arguing that it is being fuelled because there is no legal barrier to ransomware victims paying and then claiming back the expense on insurance. He argues that this means victims are incentivized to pay […]
Incident response pros seek to prove due diligence after OFAC advisory
Being coerced into paying a large ransomware demand is bad enough. Having to pay a large civil penalty on top of that for transacting with a federally sanctioned cybercriminal group is even worse. Looking to avoid such fines, incident response (IR) experts are advocating for improvements to ransomware response protocols, including additional oversight and demonstrable […]
Acer hacked by ransomware gang demanding $50m ransom | TechRadar
The notorious REvil ransomware gang has reportedly attacked Taiwanese PC vendor Acer, demanding a $50 million ransom of cryptocurrency Monero to decrypt its computers. Working with a malware intelligence analyst from Malwarebytes, cyber-intelligence news site The Record, was able to track down a portal operated by the REvil gang that clearly spells the ransom, which […]
Hacker Claims to Have Stolen Files Belonging to Prominent Law Firm Jones Day – WSJ
“We have over 100 gigabytes of data,” the hacker wrote in response to an email from the Journal. The hacker, in the Journal’s correspondence, said it first reached out to Jones Day management on Feb. 3 and informed the firm that its network had been hacked and that data had been stolen. As of Tuesday, […]
Former UK Cybersecurity Chief Says Laws Needed to Stop Ransomware Payouts
“In the last year, experts are saying this is close to getting out of control,” said Martin. “You have to look seriously about changing the law on insurance and banning these payments, or at the very least, having a major consultation with the industry”. Source: Former UK Cybersecurity Chief Says Laws Needed to Stop Ransomware […]
Panelists Discuss Their “One Big Thing” for Incident Response Forum Ransomware 2021
Incident Response Forum Ransomware 2021 panelists offer their “One Big Thing” to take away from this year’s event.
A Proposed 2021 Biden Ransomware Crackdown | LinkedIn
But the situation is not as hopeless as it seems. Crucial to any successful ransomware scheme is collecting the ransom in pseudo-anonymous cryptocurrency, typically bitcoin. Stop the flow of bitcoin and ransomware attackers will have no means to anonymously, conveniently, expeditiously and securely collect their extortion demand. But how?The answer is simple. By using the effective and novel […]
Ransomware gangs now even calling victims to meet demands: Report – Express Computer
Some ransomware groups have now resorted to cold-calling victims to pressure them into paying ransom demands if they come to know that the targeted organisations were attempting restoration from backups, said a media report. Some of the ransamware gangs that have used this tactic include Conti and Ryuk, a spokesperson for New Zealand-headquartered cybersecurity firm […]
Financial institutions a top target for COVID-era cyberattacks | PropertyCasualty360
In July 2020, Kroll observed a 22% increase in attacks targeting the financial services sector based on its incident response case intakes. Business email compromise (BEC), fraud and ransomware were the top three threats impacting the industry, and Kroll has seen the number of incidents steadily rise amidst the COVID-19 crisis. From a network topography […]
Ransomware Payments can lead to Sanctions and Reporting Obligations for Financial Institutions | The Anticorruption Blog
With cybercrime on the rise, two U.S. Treasury Department components, the Office of Foreign Assets Control (“OFAC”) and the Financial Crimes Enforcement Network (“FinCEN”), issued advisories on one of the most insidious forms of cyberattack – ransomware. via Ransomware Payments can lead to Sanctions and Reporting Obligations for Financial Institutions | The Anticorruption Blog.
Ransomware Victims That Pay Up Could Incur Steep Fines from Uncle Sam — Krebs on Security
Companies victimized by ransomware and firms that facilitate negotiations with ransomware extortionists could face steep fines from the U.S. federal government if the crooks who profit from the attack are already under economic sanctions, the Treasury Department warned today In its advisory (PDF), the Treasury’s Office of Foreign Assets Control (OFAC) said “companies that facilitate […]
What’s it really like to negotiate with ransomware gangs? – The Red Tape Chronicles
It can sound strange, but during a recent lecture at Duke University, Ehuan said there were “good” cybercriminals — gangs that have a reputation for keeping those promises. After all, it’s their business. If they were to take the Bitcoin and run, security firms would stop making payments. On the other hand, you can’t trust […]
It’s never the data breach — it’s always the cover-up | ZDNet
WHAT SHOULD CISOS TAKE AWAY FROM THE CHARGES? Here’s what senior security leaders should know and understand about these events: This is a warning to CSOs and CISOs: Remove all sense of impropriety in IR. Concealing a data breach is illegal. Every decision made during an incident might be used in litigation and will be […]
University reports data breach with third-party provider – The DePaulia
The Office of Advancement announced a data breach involving third-party service provider Blackbaud in a statement sent out to members of the DePaul community Thursday. The company suffered from a “ransomware attack” in which backup files containing personal information from various institutions across the United States, Canada and the United Kingdom were obtained. According to […]