The anatomy of a modern day ransomware conglomerate

If school administrators, medical organizations and other crucial industries haven’t already had enough bad news over the past year, a new hacking group that relies on emerging techniques to rip off its victims should fulfill that need.  What makes the pain even worse is that the group is using an innovative structure that’s becoming more common in the cybercrime underworld. This ransomware gang, dubbed Egregor, in recent months appears to have hacked more than 130 targets, including schools, manufacturing firms, logistics companies and financial institutions, according to the U.K.-based security firm Sophos. Egregor works much like other strains of ransomware — holding data hostage until a victim pays a fee — though in some ways the group behind it also exemplifies the current state of the hacking economy.  Rather than relying on lone hackers who mastermind massive data breaches, or dark web forums frequented only by Russian scammers, today’s cybercriminals […]

The post The anatomy of a modern day ransomware conglomerate appeared first on CyberScoop.

Continue reading The anatomy of a modern day ransomware conglomerate

Ransomware to blame for nearly half the cyber-insurance claims filed in early 2020

Nearly half of the cyber-insurance claims filed in the first half of this year were the result of ransomware attacks, further proof that digital extortion attempts are having a ripple effect throughout the private sector. Ransomware attacks were the cause of 41% of the cyber-insurance claims filed over the first six months of 2020, according to a report published by Coalition, a cyber-insurance vendor that compiled the data based on findings from 25,000 small and medium-sized companies in the U.S. and Canada. Coalition reported a 47% increase in the number of ransomware attacks, with the average size of the demand jumping by 46% over the time period in question. While cyber-insurance vendors have financial interest in emphasizing the frequency and severity of ransomware attacks, the latest figures come after a series of similar numbers hinted at the size of the ransomware problem. Beazley Breach Response, a unit of the London-based […]

The post Ransomware to blame for nearly half the cyber-insurance claims filed in early 2020 appeared first on CyberScoop.

Continue reading Ransomware to blame for nearly half the cyber-insurance claims filed in early 2020

This was inevitable: ‘Thanos’ ransomware weaponizes research tool against Microsoft Windows users

Hackers have converted software initially created as a testing tool into a destructive strain of ransomware, weaponizing inside knowledge about digital fortifications at a time when internet extortion only is accelerating. Scammers on cybercriminal forums are marketing a new strain of ransomware, dubbed “Thanos,” to other attackers aiming to infiltrate computers running Microsoft Windows, according to research published Wednesday by threat intelligence firm Recorded Future. Thanos operates much like similar hacking tools — encrypting victims’ files until they pay a shakedown fee — except that it’s the first ransomware built, in part, based on a proof-of-concept from security researchers who previously marketed their computer code as a way to bypass Windows 10 security protocols as part of otherwise legitimate tests. The discovery of the Thanos malware family coincided with a 25% uptick in overall ransomware attacks during the first three months of this year, compared to the final three months of […]

The post This was inevitable: ‘Thanos’ ransomware weaponizes research tool against Microsoft Windows users appeared first on CyberScoop.

Continue reading This was inevitable: ‘Thanos’ ransomware weaponizes research tool against Microsoft Windows users

FBI turns to insurers to grasp the full reach of ransomware

Tim Manley didn’t even know who to call. As the president of National Ink and Stitch, Manley had to figure out how to recover files that hackers had encrypted as part of a ransomware attack on the small screen-printing business. Malicious software called only “LockedIn” struck the Maryland company’s systems on Dec. 2, 2016, scrambling 16 years’ worth of the company’s intellectual property, like proprietary logos and designs. So Manley paid the two bitcoin that extortionists had demanded to free his files. It totaled about $1,500. Instead of letting National Ink and Stitch get back to work, though, the hackers asked for more money. That’s when the company president filed a report with the local police department and spent $110,000 on an IT contractor that, to this day, hasn’t recovered all the locked files. At the time, federal law enforcement wasn’t even on Manley’s list of potential allies. He didn’t alert the […]

The post FBI turns to insurers to grasp the full reach of ransomware appeared first on CyberScoop.

Continue reading FBI turns to insurers to grasp the full reach of ransomware

Beazley: ransomware claims more than doubled in the last year

Ransomware attacks on a prominent insurer’s client base rose by more than 100% last year, driven by new attacks on healthcare, professional services and financial institutions, according to new figures released Monday. Beazley Breach Response services, a unit of the London-based insurance firm, said Monday that its clients reported 775 ransomware attacks in 2019, a 131% increase over the previous year. The spike was motivated by a combination of factors, including the increased accessibility of pernicious strains of malicious software, higher demands and the simple inability of enterprises to fend off phishing emails or protect remote desktop protocol technology. The numbers are the latest addition to a pervasive ransomware problem that has been difficult to quantify. Victims often do not report attacks to law enforcement, while extortion demands range from thousands to millions of dollars. Meanwhile insurers like Beazley are asked to cover ransomware claims, and typically keep their risk […]

The post Beazley: ransomware claims more than doubled in the last year appeared first on CyberScoop.

Continue reading Beazley: ransomware claims more than doubled in the last year

Why are cyber insurers incentivizing clients to invest in specific vendors?

The cyber insurance industry is taking baby steps away from a long and messy infancy. For the hundreds of companies that offer policies, toddlerhood is here, and it means exerting more influence over how clients protect their networks and information. For years, headlines have fixated on how big firms like AIG and Zurich have been locked in legal disputes over specific claims, but insurers are now trying to be more proactive with customers. The smartest approach for everyone, they say, is to prevent breaches from happening in the first place. Key to that, and saving money, is trying to identify the products that are most effective. Marsh, the global insurance broker and risk adviser, last month published its first list of Cyber Catalyst-designated products, a tag given to 17 services that a group of insurance firms say its clients should consider, including offerings like FireEye’s Endpoint tool and CrowdStrike penetration testing service. Insurers for years have assessed security products, […]

The post Why are cyber insurers incentivizing clients to invest in specific vendors? appeared first on CyberScoop.

Continue reading Why are cyber insurers incentivizing clients to invest in specific vendors?