Biden’s cybersecurity legacy: ‘a big shift’ to private sector responsibility

Over the course of his term, Joe Biden has presided over an ambitious agenda on regulation and more, to both praise and criticism.

The post Biden’s cybersecurity legacy: ‘a big shift’ to private sector responsibility appeared first on CyberScoop.

Continue reading Biden’s cybersecurity legacy: ‘a big shift’ to private sector responsibility

Bill seeks cyber protections for food and agriculture

The Farm and Food Cybersecurity Act aims to identify vulnerabilities in the sector through an annual exercise and regular threat assessments.

The post Bill seeks cyber protections for food and agriculture appeared first on CyberScoop.

Continue reading Bill seeks cyber protections for food and agriculture

NSA, DHS shine light on BlackMatter ransomware threat to food industry, demands of up to $15 million

A government advisory published Monday warned that BlackMatter ransomware attackers are going after U.S. critical infrastructure, including food and agriculture organizations, and demanding exorbitant payouts. It’s the latest joint alert from the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, the FBI and the National Security Agency, this time about a form of ransomware that first emerged in July. It comes just days after a similar alert about ransomware threats to water and wastewater facilities. It’s also part of a recent push by federal security agencies to put a focus on the food and agriculture sector. “This advisory highlights the evolving and persistent nature of criminal cyber actors and the need for a collective public and private approach to reduce the impact and prevalence of ransomware attacks,” said Eric Goldstein, executive assistant director for cybersecurity at CISA. BlackMatter seeks between $80,000 and $15 million in cryptocurrency, including bitcoin and Monero, […]

The post NSA, DHS shine light on BlackMatter ransomware threat to food industry, demands of up to $15 million appeared first on CyberScoop.

Continue reading NSA, DHS shine light on BlackMatter ransomware threat to food industry, demands of up to $15 million

Hackers are using CAPTCHA techniques to scam email users

More email users fell for scams using CAPTCHA technology in 2020, a new report from security firm Proofpoint shows. The technique, which uses a visual puzzle to help authenticate human behavior, received 50 times as many clicks in 2020 compared to 2019. That’s still only a 5% overall response rate, researchers note. Comparatively, one in five users clicked attachment-based emails with malware disguised as Microsoft PowerPoints or Excel spreadsheets. Campaigns using attachments to hide malware made up one in four of the attacks researchers at Proofpoint monitored. “Attackers don’t hack in, they log in, and people continue to be the most critical factor in today’s cyber attacks,” Ryan Kalember, executive vice president of cybersecurity strategy at Proofpoint said in a statement. Researchers found that quantity continues to beat quality in email attacks. Proofpoint found that the highest number of clicks came from a threat actor linked to the Emotet botnet. […]

The post Hackers are using CAPTCHA techniques to scam email users appeared first on CyberScoop.

Continue reading Hackers are using CAPTCHA techniques to scam email users

Average ransomware payment declined by 38% in second quarter of 2021, new Coveware report says

The tides may be starting to turn on the ransomware epidemic, new industry findings show. The average ransomware payment declined to $136,576 in the second quarter of 2021, according to numbers published Friday by ransomware response firm Coveware. The company did not share how many companies that data was based on. The 38% decrease is a dramatic drop from the average demand of $220,298 that the firm reported in April for the first quarter. That number was a 43% increase from the last quarter of 2020. The decline comes in the shadow of three major ransomware attacks hitting the U.S. supply chain. Since May, U.S. officials have faced three high-profile ransomware attacks against fuel provider Colonial Pipeline, meat supply company JBS, and most recently Florida IT company Kaseya. The latter two attacks have been attributed to REvil, a ransomware gang thought to be based in Russia. The resulting wake-up call in both […]

The post Average ransomware payment declined by 38% in second quarter of 2021, new Coveware report says appeared first on CyberScoop.

Continue reading Average ransomware payment declined by 38% in second quarter of 2021, new Coveware report says

New legislation would boost the FTC’s role in fighting ransomware

A new bill could direct the Federal Trade Commission’s international efforts towards taking on ransomware. Rep. Gus Bilirakis (R-Fla.), the top Republican on the House Energy and Commerce consumer protection subcommittee, filed legislation Tuesday that would require the agency to report the number of ransomware and cyberattack-related complaints it receives, and how it cooperated with international law enforcement to respond to those issues. The new text would update a 2006 law enabling the agency to work with foreign law enforcement agencies on consumer protection issues. Under the amended law, the FTC would also be charged with providing recommendations for legislation and best practices to mitigate and defend against ransomware. The FTC has always played a role in trying to mitigate data breaches and online fraud, including the enforcement of privacy policies and pursuing companies like Equifax for failing to take basic security precautions. It has in the past also offered […]

The post New legislation would boost the FTC’s role in fighting ransomware appeared first on CyberScoop.

Continue reading New legislation would boost the FTC’s role in fighting ransomware

The Second Wave of a Ransomware Pandemic

In January, we published the Ransomware Pandemic, a report discussing the ever-evolving threat of ransomware and the growing devastation disseminated by these malicious malware strains. The report discussed the future forecast for ransomware and how w… Continue reading The Second Wave of a Ransomware Pandemic

Jack Cable, Stanford student and cyber whiz, aims to crowdsource ransomware details

Ransomware has never been more of a national security concern after a string of hacks against the fuel supplier Colonial Pipeline, meat giant JBS and perhaps thousands of others compromised after breach at a large IT firm. Few people, if any, seem to grasp the breadth and cost of the scourge, as there are no legal requirements for victims to disclose when they pay hackers to unlock their network.  That, combined with the suspicious that most victims don’t, report their digital extortion payments, makes it harder for law enforcement and security firms to combat attacks, or even understand how to fight them. That’s the impetus behind a project that Stanford University student and security researcher Jack Cable launched on Thursday, dubbed “Ransomwhere,” a plan to track payments to bitcoin addresses associated with known ransomware gangs. “Having public transparency around the impact of ransomware, especially as we’re proposing and considering different […]

The post Jack Cable, Stanford student and cyber whiz, aims to crowdsource ransomware details appeared first on CyberScoop.

Continue reading Jack Cable, Stanford student and cyber whiz, aims to crowdsource ransomware details

Biden again urges Putin to disrupt ransomware gangs operating inside Russia

President Joe Biden pushed Russian President Vladimir Putin to disrupt ransomware groups operating within Russian borders in a phone call Friday, according to a White House statement. “I made it very clear to him that the United States expects [that] when a ransomware operation is coming from his soil even though it’s not sponsored by the state, we expect [Russia] to act if we give them enough information to act on who that is,” Biden told reporters after the call. The call came on the heels of the latest major cyberattack against a U.S. company. REvil, a ransomware group believed to be in Russia, hit Florida-based IT software company Kaseya last week. Researchers have suggested that the hack affected between 1,500 to 2000 of the firm’s clients as well as likely thousands of more customers of those clients. The Kremlin says it has not received any official requests from U.S. […]

The post Biden again urges Putin to disrupt ransomware gangs operating inside Russia appeared first on CyberScoop.

Continue reading Biden again urges Putin to disrupt ransomware gangs operating inside Russia

How REvil evolved into a ransomware collective capable of extorting Kaseya, JBS

The Russian ransomware gang REvil is loud, ambitious and particularly nasty. Even by hackers’ standards. Before claiming responsibility for a breach at the software company Kaseya, which has resulted in breaches at perhaps thousands of other businesses and newfound attention from the White House, the group accounted for less than 10% of known ransomware victims, according to the threat intelligence firm Recorded Future. Now, it accounts for 42%. As U.S. national security officials and much of the cybersecurity community race to mitigate the fallout from the Kaseya incident, the incident serves as yet another reminder of how groups of scammers are making millions of dollars after years of honing their tradecraft. A “conservative estimate” by IBM placed REvil’s 2020 profits at $123 million, first among ransomware gangs, while multiple firms said the gang’s malware was the most common digital extortion tool. That was before the REvil group also struck the […]

The post How REvil evolved into a ransomware collective capable of extorting Kaseya, JBS appeared first on CyberScoop.

Continue reading How REvil evolved into a ransomware collective capable of extorting Kaseya, JBS