Aiming for the right defense strategy against ransomware threats

Steve Caimi is a security specialist Cisco with nearly 25 years’ experience in cybersecurity.  Ransomware had a banner year in 2020, taking advantage of pandemic-related shifts in network access for remote work, distance learning and telehealth. For critical infrastructure sectors, the threat of seeing data locked up or having systems knocked offline is a risk that these organizations simply can’t afford. While cyber defenders are improving their cyber defenses, hackers are upping their game too. They’re getting better at getting inside, they’re affecting more systems and they’re doing more with the data they steal. That is why organizations need a security strategy that can adapt to the changing threat environment. For ransomware, financial gain is the endgame. We are seeing a growing trend in “big game hunting” — or targeting big-revenue organizations — because attackers know these organizations can, and will, pay up. Two of the top attack vectors should […]

The post Aiming for the right defense strategy against ransomware threats appeared first on CyberScoop.

Continue reading Aiming for the right defense strategy against ransomware threats

How NIST hopes network defenders will stop ransomware

Networks defenders in the U.S. and beyond are struggling to keep pace with scale and intensity of ransomware attacks, particularly as the issue has emerged as a subject of concern during the coronavirus pandemic.  Organizations ranging from the Department of Homeland Security to the Federal Bureau of Investigation have warned that government agencies of all sizes and private companies can take basic steps to avoid hacking groups. The U.S. National Institute of Standards and Technology also has published a number of updates aimed at helping cyber staffers safeguard data. The larger issue is about protecting data integrity, Bill Fisher, security engineer at NIST’s National Cybersecurity Center for Excellence (NCCoE), explained during a Q&A session with CyberScoop. There’s a range of tactics that organizations can deploy to protect their information, he said, including the use of blocking technology and stronger authentication techniques that provide dynamic risk assessments.  CyberScoop: Should security personnel trying […]

The post How NIST hopes network defenders will stop ransomware appeared first on CyberScoop.

Continue reading How NIST hopes network defenders will stop ransomware

FBI alert on Egregor ransomware highlighted affiliate cybercrime model

An emerging strain of ransomware that was the subject of a recent FBI report is relying on an extortion technique in which attackers publish stolen data to a public website in the event that a victim organization refuses to meet hackers’ demands.  The Federal Bureau of Investigation in January warned that the gang behind the Egregor ransomware, first detected in September 2020, would compromise a victim’s network, then order a victim to print a physical copy of a ransom note spelling out a demand to pay a specific fee, otherwise risk their stolen data being made public. French and Ukrainian police took action against hackers who used the Egregor malware in February, reportedly arresting “several” suspects.  In its advisory, the bureau said that attackers can rent Egregor as a ransomware-as-a-service malware, and that it relies on other hacking tools as part of an affiliate model. Egregor frequently comes packaged with […]

The post FBI alert on Egregor ransomware highlighted affiliate cybercrime model appeared first on CyberScoop.

Continue reading FBI alert on Egregor ransomware highlighted affiliate cybercrime model

Federal advisories detail bitcoin payments to ransomware gangs, urgency of threat

Ransomware victims paid attackers at least $144.35 million in bitcoin between 2013 and 2019, according to a recent Federal Bureau of Investigation bulletin that likely fails to account for millions of dollars.  The figure, published in a Feb. 4 advisory from the bureau, is based on the financial losses than ransomware victims reported to U.S. law enforcement over a six-year span in which digital extortion evolved from a rare corporate annoyance to a global black market. Victimized organizations often do not report ransomware payments to the FBI, and hackers in recent months have demanded tens of millions of dollars from breached firms. U.S. insurers similarly have tried to gather information about the frequency, size and severity of digital crime sprees.  FBI officials publicized the figure as part of a National Cyber Investigative Joint Task Force fact sheet aimed at raising awareness about the ideal prevention and responses practices to ransomware. […]

The post Federal advisories detail bitcoin payments to ransomware gangs, urgency of threat appeared first on CyberScoop.

Continue reading Federal advisories detail bitcoin payments to ransomware gangs, urgency of threat

New global model needed to dismantle ransomware gangs, experts warn

Ransomware gangs are making a killing — they’re encrypting data at schools and hospitals around the world at an alarming rate, and they’re raking in hundreds of millions of dollars’ worth doing it, by some counts. But it doesn’t have to be that way. Security experts and former diplomats are in the early stages urging governments to work together to create a different kind of world — one with fewer examples of hackers taking data hostage or knocking organizations offline to demand ransoms or extortion fees, and one in which hackers are held accountable for targeting vulnerable organizations. Government officials increasingly have been working together to tamp down on malicious cyber activity in recent years, as evidenced by a European Union sanctions regime focused on hacking rolled out in the past year, and a 2015 agreement among United Nations members that cyberattacks intended to damage critical infrastructure are off limits. But […]

The post New global model needed to dismantle ransomware gangs, experts warn appeared first on CyberScoop.

Continue reading New global model needed to dismantle ransomware gangs, experts warn

Is Congress finally ready to pass meaningful ransomware legislation?

During the entire last two-year session of Congress, lawmakers only signed one bill law that mentioned the word “ransomware.” With the epidemic of digital extortion showing no signs of abating, though, and as ransomware attacks claim ever more victims across all parts of the U.S., evidence is mounting that the next two years could bring a more concerted push for legitlation. “I think it will be a focus because essentially every congressional district has had some kind of ransomware incident, whether public or not,” said Michael Garcia, a senior policy adviser in the national security program at Third Way, a center-left think tank. “Just look at the number of hospitals getting hit, of schools being hit.” In one recent incident, a Mississippi public school system revealed it had paid $300,000 to ransomware attacks, while a U.S. medical company, Universal Health Services, said it lost $67 million as a result of […]

The post Is Congress finally ready to pass meaningful ransomware legislation? appeared first on CyberScoop.

Continue reading Is Congress finally ready to pass meaningful ransomware legislation?