Ransomware isn’t always about gangs making money. Sometimes it’s about nations manufacturing mayhem.

Ransomware is fundamentally about reaping massive profits from victims — payments were on pace to cross the billion-dollar threshold in 2021, according to the U.S. government — but there are signs foreign government-connected groups are increasingly moving into a territory dominated by criminal gangs, and for an entirely different motive: namely, causing chaos. Research that Microsoft and cybersecurity company CrowdStrike recently publicized separately concluded that Iranian hackers tied to Tehran had been conducting ransomware attacks that weren’t about making money, but instead disrupting their enemies. It echoed research from last spring and summer by FlashPoint and SentinelOne, respectively. When disruptive ransomware pays off, those who have studied the phenomenon say, it can embarrass victims. It can be used to steal data and leak sensitive information to the public. It can lock up systems, disabling targets. And given the prominence of ransomware, it’s another method that foreign intelligence and military agencies can use […]

The post Ransomware isn’t always about gangs making money. Sometimes it’s about nations manufacturing mayhem. appeared first on CyberScoop.

At Request of U.S., Russia Rounds Up 14 REvil Ransomware Affiliates

The Russian government said today it arrested 14 people accused of working for “REvil,” a particularly aggressive ransomware group that has extorted hundreds of millions of dollars from victim organizations. The Russian Federal Security Service (FSB) said the actions were taken in response to a request from U.S. officials, but many experts believe the crackdown is part of an effort to reduce tensions over Russian President Vladimir Putin’s decision to station 100,000 troops along the nation’s border with Ukraine.

Deja Vu: What Do NotPetya and SolarWinds Have in Common?

As I was waking up in Boston on the morning of June 27, 2017, reports were being shared on social media that an electric power supplier in Ukraine was hit by a cyber attack. Within about an hour, a Danish power supplier was also knocked offline an…

Suspected Iranian hackers pose as ransomware operators to target Israeli organizations

Ever since a 2012 hack that disabled tens of thousands of computers at oil giant Saudi Aramco, suspected Iranian operatives have been known to regularly use data-wiping hacks against organizations throughout the Middle East. Now, one such possible group has been posing as ransomware operators in an effort to conceal the origin of a series of data-wiping hacks against Israeli organizations, according to private-sector investigators. The hackers are demanding extortion fees even when the code they deploy deletes data rather than unlocks it. The findings, published Tuesday by security firm SentinelOne, suggest a growing willingness by certain Iran-linked hacking groups to use tactics associated with financially motivated criminals in order to advance their interests. “Deploying ransomware is a disruptive act that provides deniability, allowing the attackers to conduct destructive activity without taking the full responsibility of those acts,” said Amitai Ben Shushan Ehrlich, a threat intelligence researcher at SentinelOne. SentinelOne […]

The post Suspected Iranian hackers pose as ransomware operators to target Israeli organizations appeared first on CyberScoop.

Navigating the waters of maritime cybersecurity

In January 2021, new International Maritime Organization (IMO) guidelines on maritime cyber risk management went into effect. Around the same time, the U.S. government released a first of its kind National Maritime Cyber Security Plan (NMCP), accompany…

Review: The Perfect Weapon

John Maggio, an award-winning producer, director, and writer, known for The Newspaperman: The Life and Times of Ben Bradlee (2017), Panic (2018), The Italian Americans (2015) and others, based this documentary on the homonymous best-selling book by Dav…

Smashing Security podcast #204: Green buttons, Olympic attacks, and… an apology

There’s been a cybersecurity goof in the wake of the US presidential elections, the US fingers the hackers responsible for disrupting the Winter Olympics in South Korea, and we take a long hard look at long hard legal mumbojumbo…

All this and much…

Not all cyberattacks are created equal: What researchers learned from 103 ‘extreme’ events

There’s a relatively small swath of cyberattacks mixed among the more common variety that are truly extreme, costing tens of millions of dollars and beyond, or exposing millions of records. A report out Tuesday identified a little over 100 that fit that description over the past five years. The researchers learned that these massive events cost a median of $47 million and usually came via straightforward hacks or ransomware. They appear to be growing more frequent, and nation-state hackers are behind them to a surprising degree, the report says. But the report from the Cyentia Institute, a data science firm, also found that these extreme attacks don’t affect all their targets in the same way. Some cost companies nearly 100 times their revenue, while others were still just a drop in the bucket, costing as little as 0.1% of their revenue. And the financial, information and manufacturing sectors accounted for more than half of the 103 incidents. “What […]

The post Not all cyberattacks are created equal: What researchers learned from 103 ‘extreme’ events appeared first on CyberScoop.

GRU Agents Indicted for Hacking Multiple Targets

The DoJ has charged six Russians, allegedly working for the GRU, with a huge range of computer crimes.
The post GRU Agents Indicted for Hacking Multiple Targets appeared first on Security Boulevard.