A Government Insider on Navigating the New Guidance for Ransomware Payments
When attorney David Cohen was serving in the Treasury Department under the Obama administration—where he was known as the administration’s “financial Batman”—ransomware payments were hardly on the government’s radar, he said. In recent years, however, the ransomware threat has rapidly expanded, crippling countless schools, hospitals, municipalities, and businesses on a daily basis….
An Early Interview With The Dark Overlord: The Hacking Group That Forever Changed Cyber Extortion
In early 2016, Recorded Future analysts observed a threat actor selling stolen healthcare databases containing patient records on an anonymous hacking forum. The actor, who used the moniker “thedarkoverlord,” would soon make a name outside of the cybersecurity community for extorting high-profile targets and publicly demanding ransom payments to stop the release of confidential data. The group would slowly release stolen documents—a playbook that has since been copied by a wide range of ransomware purveyors….
Ukraine’s Top Cyber Cop on Defending Against Disinformation and Russian Hackers
In recent years, Ukraine has become an involuntary testing ground for some of the most dangerous cyberweapons in the world. Serhii Demediuk has perhaps played the most prominent role in defending Ukraine against digital intrusions, investigating cyberattacks and the groups behind them, and strengthening the country’s capabilities in cyberspace….
Why Cybercrime Losses Continue to Soar
Losses related to cybercrime have steadily climbed from $1.1 billion in 2015 to $3.5 billion in 2019, according to the FBI’s Internet Crime Complaint Center, or IC3. One reason why cybercrime losses are increasing is that there are more cyberattacks than ever before. In 2015, there were about 288,000 cybercrime-related complaints to the FBI. Complaints soared to 350,000 in 2018 and hit a whopping 467,000 in 2019, according to IC3 statistics…
Ex-Microsoft Employee Sentenced To 9 Years in Prison for Stealing $10 Million in Digital Currency
Sometimes the biggest threat to an organization’s data and IT systems are the employees who work there. A 26-year-old Ukranian citizen who was found guilty of stealing millions of dollars in digital currency and using the proceeds to fund a lavish lifestyle was sentenced Monday by a federal judge in Seattle to nine years in prison and ordered to pay more than $8.3 million in restitution.
Double Extortion Ransomware May Be the New Normal
From July to September, a handful of new ransomware extortion websites emerged as cybercriminals embraced the tactic as a way to pressure organizations to pay demands, the report found. For example, several victims of the SunCrypt ransomware group—including a school system and hospital—had their data exposed on a website launched in August. In late September, operators associated with the Egregor ransomware family started posting samples of stolen data online giving victims three days to pay the ransom before continuing the leak…
Ransomware Demands are Doubling Every Six Months, Study Finds
Just two years ago, ransomware was seen as a nuisance: For just a few thousand dollars—and sometimes even less—victims could obtain decryption keys to unlock their data. Since then, the average payment demanded by ransomware operators has skyrocketed, reaching an astounding $178,254 in the second quarter of 2020, nearly quadruple the amount demanded in the same period one year earlier…
Hacker Directly Targets Patients Following a Data Breach at a Finnish Mental Health Provider
A data breach involving a mental health provider in Finland has devolved into a horrifying extortion scheme that includes the abuse of hypersensitive medical data. “It’s an indescribable feeling when you know that someone has information of your traumas and is willing to use it against you,” said one patient who received a ransom email over the weekend and asked not to be named given the sensitivity of the information involved. “I feel like I have once again taken a step back in my treatment. It hurts to know that my journey to better health might take even longer now.”
TrickBot Operators Show Signs of Pivoting After Takedown Attempt
U.S. Cyber Command and a team of companies and organizations led by Microsoft delivered a one-two punch in recent weeks against TrickBot, one of the world’s largest botnets. In the last couple days, however, TrickBot spamming campaigns have started up again…
Is It OK to Pay a Ransomware Demand? Depends Who You Ask
The U.S. Department of the Treasury issued a pair of advisories last week that could potentially shake up how organizations respond to ransomware attacks. But departments and agencies have issued a patchwork of guidelines in recent years on how to approach the issue, which might lead to some head-scratching…