Category Archives: JBS

White House weighs cracking down on secret ransomware payments, pursuing hackers

Posted on by

Going on offense against attackers and penetrating the secrecy surrounding attacks are two ways the Biden administration is pondering to tackle ransomware, a top White House official said on Tuesday. Anne Neuberger, the deputy national security adviser, said that that a joint FBI, U.S. Cyber Command and private sector effort to cripple the Trickbot botnet, a hacking tool that U.S. officials had feared would disrupt 2020 election season, should be the kind of operation used to tackle ransomware gangs in the future. “Certainly that serves as a model to say where we identify actors and infrastructure that are used … to conduct ransomware attacks, we want to ensure that we make it a lot harder for those actors to operate,” Neuberger said at an event hosted by the Silverado Policy Accelerator, a nonprofit think tank. In advance of the 2020 election, Cyber Command and Microsoft led missions to weaken Trickbot, […]

The post White House weighs cracking down on secret ransomware payments, pursuing hackers appeared first on CyberScoop.

Continue reading White House weighs cracking down on secret ransomware payments, pursuing hackers

A plan to label companies vulnerable to hacking is set to spark debate on Capitol Hill

Posted on by

The notion of writing more cybersecurity regulations is gaining traction following the Colonial Pipeline and JBS ransomware incidents, after decades of a largely hands-off approach to private sector-owned critical infrastructure. Top Biden administration team picks have testified about how voluntary standards aren’t getting the job done, and some in Congress have indicated their patience is waning with letting industry go it alone. Enter a proposal that some lawmakers and the Cyberspace Solarium Commission that they say strikes a middle ground between the new zeal for hard rules and the tradition of non-regulation in cyberspace: “systemically important critical infrastructure.” Also known as SICI, it’s an idea that involves labeling hacking targets that are most likely to cause economic, public health or national security disruptions if attacked, then offering the owners of that infrastructure a mixture of government boons in exchange for meeting baseline cybersecurity standards. But even as something of a […]

The post A plan to label companies vulnerable to hacking is set to spark debate on Capitol Hill appeared first on CyberScoop.

Continue reading A plan to label companies vulnerable to hacking is set to spark debate on Capitol Hill

Report: Ransomware Attacks and the True Cost to Business

Posted on by

Ransomware attacks have continued to make headlines, and for good reason: on average, there is a new ransomware attack every 11 seconds, and the losses to organizations from ransomware attacks is projected to reach $20 billion over the course of 2… Continue reading Report: Ransomware Attacks and the True Cost to Business

Burgeoning ransomware gang Avaddon appears to shut down, mysteriously

Posted on by

A ransomware gang has apparently disappeared just as its fortunes were rising. Ransomware experts said Avaddon shut down as of Friday. The operators left no explanation for why they might have done so, and they’re letting their remaining victims off the hook. Avaddon sent Bleeping Computer 2,934 decryption keys, after which the security firm Emsisoft produced a free, public decryption tool. After last month’s ransomware attack on Colonial Pipeline caused disruptions in the U.S. on fuel delivery, Avaddon became one of the most prolific posters of victim data to its extortion site, compared to other such groups. “This is great news,” tweeted Allan Liska, a Recorded Future analyst specializing in ransomware. “Avaddon was considered a second tier ransomware operator, but since the Colonial Pipeline attack they have been tied with Conti in terms of number of victims posted to their extortion site.” But with success has come attention. The FBI […]

The post Burgeoning ransomware gang Avaddon appears to shut down, mysteriously appeared first on CyberScoop.

Continue reading Burgeoning ransomware gang Avaddon appears to shut down, mysteriously

Biden cyber nominees Easterly, Inglis describe ransomware as urgent national security threat

Posted on by

It’s been two months since President Joe Biden announced his two most important Senate-confirmed cybersecurity picks: Jen Easterly to lead the Department of Homeland Security’s cybersecurity agency, and Chris Inglis to be the national cyber director. During that time, ransomware attacks have forced temporary shutdowns of a major fuel pipeline and a big meat supplier, and Biden has signaled he will raise the issue of harboring criminal hackers in a meeting next week with Russian President Vladimir Putin. Americans got their closest look yet of how Inglis and Easterly would approach those pressing issues during a Senate confirmation hearing Thursday. The nominees labeled ransomware a “scourge” that threatens national security, vowed to work with critical infrastructure firms to improve their defenses, and wondered aloud if additional federal regulations were necessary to incentivize firms to reduce their vulnerabilities to hacking. The U.S. government, Inglis said, must “seize back the initiative that […]

The post Biden cyber nominees Easterly, Inglis describe ransomware as urgent national security threat appeared first on CyberScoop.

Continue reading Biden cyber nominees Easterly, Inglis describe ransomware as urgent national security threat

Who Wore It Better? JBS Paid Ransom, Fujifilm Did Not

Posted on by

If those burgers you throw on the grill are even more expensive this summer, this might be one of the reasons. Meat processor JBS USA paid out $11 million to hackers after a ransomware attack compelled it to shutter beef processing in the U.S. and par… Continue reading Who Wore It Better? JBS Paid Ransom, Fujifilm Did Not

Meat supplier JBS says it paid $11 million ransom to keep attackers from stealing data

Posted on by

JBS, one of America’s biggest meat processors, said Wednesday that it paid cybercriminals an $11 million ransom to ensure the hackers didn’t steal company data. The payment is more than double the $4.4 million that Colonial Pipeline, a major fuel supplier, paid to recover its data in the wake of a separate ransomware attack. “In consultation with internal IT professionals and third-party cybersecurity experts, the company made the decision to mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated,” JBS’s U.S. division said in a statement. In the same company statement, Andre Nogueira, CEO of JBS’s U.S. division, said it was a “very difficult decision” for the company and for him. “However, we felt this decision had to be made to prevent any potential risk for our customers,” he said. The ransomware attack forced JBS, which accounts for an estimated one-fifth of U.S. beef production, […]

The post Meat supplier JBS says it paid $11 million ransom to keep attackers from stealing data appeared first on CyberScoop.

Continue reading Meat supplier JBS says it paid $11 million ransom to keep attackers from stealing data

Emerging ‘Prometheus’ ransomware claims 30 victims in a dozen countries, Palo Alto Networks says

Posted on by

A new ransomware group claims to have breached 30 organizations in government, financial services, health care services, and energy firms in the United States, United Kingdom, and a dozen more countries, according to Palo Alto Networks research published Wednesday. The group, which Palo Alto researchers have dubbed “Prometheus,” most frequently targets the manufacturing industry. The activity comes amid ongoing concern about the effect of ransomware on national security and global supply chains after incidents at Colonial Pipeline and the meat-processing corporation JBS. “The Prometheus ransomware gang has the potential to target organizations that would lead to national concerns,” Doel Santos, threat intelligence analyst at Palo Alto Networks’ Unit 42, wrote in an email. “These threat actors are opportunistic. They are willing to target any organization.” The group has also targeted victims in manufacturing, logistics, consulting, agriculture, insurance, and legal industries. Prometheus claims to be affiliated with REvil, a Russia-based hacking […]

The post Emerging ‘Prometheus’ ransomware claims 30 victims in a dozen countries, Palo Alto Networks says appeared first on CyberScoop.

Continue reading Emerging ‘Prometheus’ ransomware claims 30 victims in a dozen countries, Palo Alto Networks says

Ransomware hits iConstituent, a service lawmakers use to communicate with voters

Posted on by

The scourge of ransomware has now hit closer to home for U.S. politicians. Ransomware has impacted the newsletter service of iConstituent, a firm that U.S. lawmakers use to contact constituents, the House of Representatives’ Chief Administrative Officer (CAO) said Tuesday. Individual offices choose to buy iConstituent services, which include virtual town halls, email and texting, and other data services. “At this time, the CAO is not aware of any impact to House data,” the CAO office said in an emailed statement. “The CAO is coordinating with the impacted offices supported by iConstituent and has taken measures to ensure that the attack does not affect the House network and offices’ data.” iConstituent boasts that its software “supports millions of digital interactions between people and their governments each year.” It was unclear Tuesday morning how broadly the incident would impact House legislators’ communication with constituents. The Washington-based firm did not immediately respond […]

The post Ransomware hits iConstituent, a service lawmakers use to communicate with voters appeared first on CyberScoop.

Continue reading Ransomware hits iConstituent, a service lawmakers use to communicate with voters