Hospitals, Schools Get a Crucial Break From Ransomware Attacks
After a year of what felt like nonstop cyberattacks on the most vulnerable targets, healthcare and government organizations started 2021 with ransomware incidents at their lowest point in more than a year. There were just two ransomware attacks on healthcare organizations in January, a fourfold decrease from the monthly average in 2020. State and local governments reported four ransomware incidents in Januaryâthat compares to 14 attacks in December of last year and 15 attacks from one year prior…
With Biden in Office, Global Policymakers Are Making a Renewed Push for Cyber Norms
On Tuesday, diplomats from Australia, France, and Estonia, as well as private sector cybersecurity officials, emphasized the need for a renewed focus on norms in cyberspace, and suggested that progress could be made in the coming years. âAs cyber threats grow, itâs vitally important that UN discussions keep pace, or they really do risk losing credibility,â said Tobias Feakin, Australiaâs ambassador for cyber affairs and critical technology, at a virtual event on cyber norms hosted by the U.S. Chamber of Commerce. And one of the biggest assets for this renewed push may be the fact that thereâs a new administration in the White House….
Cyber Attribution Is More Art Than Science. This Researcher Has a Plan to Change That
The Record caught up with threat intelligence researcher Timo Steffens to talk about the latest in threat hunting, and why he thinks itâs similar to disciplines like art history and criminology. He also discussed why the whole concept of APT groupsâthe term security professionals often use to categorize nation state or state-sponsored hacking operationsâis a simplification that the industry might have to move past. “[Hacking groups] donât necessarily have a fixed set of peopleâsome leave, some join, they might share malware or an idea for an exploit with another groupâso we have to… understand that the whole landscape is dynamic,” he said…
U.S. Authorities Take Sweeping Actions Against North Korean Hacking Operations
Several U.S. federal agencies on Wednesday released a batch of indictments, cybersecurity advisories, and malware analysis reports that represents one of the most expansive cybersecurity-related actions against North Korea in years. The U.S. Justice Department unsealed charges against three North Korean hackers who are accused of stealing and extorting more than $1.3 billion of money and cryptocurrency from financial institutions around the globe. Itâs the first indictment related to North Korean hacking operations since 2018, according to an analysis by The Record…
A Volunteer Cyber Group Formed To Protect Hospitals During the Pandemic Releases Its First Report
An organization founded by vigilantes seeking to protect healthcare workers from digital threats during the COVID-19 pandemic has released its first report, which details cybercrime activity against global healthcare entities since pandemic lockdowns began in March of last year. In line with previous reports on the sector, it found that cybercrime had accelerated during the pandemic as criminals exploited the rapid transition to remote work and the psychological pressures produced by the global health crisis…
SIM Swappers Stole $100 Million from âWell-Known Influencersâ Before Getting Arrested, Authorities Say
An international law enforcement operation arrested ten suspected hackers who are accused of targeting U.S. celebrities with SIM swapping attacks that netted them $100 million in cryptocurrency. âWell-known sports stars, musicians, and influencersâ were targeted in the scheme, which involved exploiting phone service providers to deactivate a victimâs SIM and transferring the number to one owned by a member of the criminal network. This let the attackers intercept messages directed to the victims, allowing them to hijack accounts, steal money, and masquerade as the victims on social media, authorities said…
Hackers Targeted Work-From-Home Technology and Avoided Adobe Products Last Year
In 2015, eight of the top ten most exploited vulnerabilities involved Adobe products. But in 2020, no Adobe products made the list, according to new data. Instead, cybercriminals focused their attention on vulnerabilities in remote-work technology, such as Citrixâs Application Delivery Controller, PulseSecureâs Pulse Connect, and Oracleâs WebLogic, as well as widely-used Microsoft products…
An Interview With Ares, a Russian Coder Who Built a Swiss Army Knife for Hackers
In 2012, a Russian hacker who went by the moniker Ares received a routine email asking about Intercepter-NG, a popular tool he developed that can be used for traffic interception. The user was having difficultyâthe tool would crash when he tried using it to parse large amounts of dataâand Ares was quick to reply. âMan, you patch quick!â the user wrote in response. According to Ares, the messages came from [email protected], the email address used by NSA contractor Edward Snowden. About a year after their first conversation, Snowden would be living as a fugitive, wanted by the U.S. government for revealing thousands of classified documents to journalists….
Federal Officials: COVID-19 Fraud Highlights Need for a New Digital Identity System
âWeâve seen how billions of dollars in fraud involving COVID-19 relief programs have exposed weaknesses in current identity and payment systems. These forced us to take a really hard look at how identity is managed, verified, and authenticated,â said Michael Mosier, deputy director of the Treasury Departmentâs Financial Crimes Enforcement Network, also known as FinCEN. âTo get payments right, we have to get identity right and we have to do it in a way that preserves privacy while ensuring security in the system.” Lawmakers and other officials called on the Biden administration to focus on creating a new digital identification system that would make it harder for cybercriminals to steal from financial institutions and individuals…
U.S. Announces Charges, Cryptocurrency Seizure in NetWalker Investigation
The U.S. Department of Justice announced Wednesday that a coordinated international campaign targeting the NetWalker ransomware has resulted in the seizure of hundreds of thousands of dollars in cryptocurrency and criminal charges against a Canadian national. NetWalker attacks steadily rose last year, and targeted a wide range of organizations including hospitals, schools, and municipalities, according to data collected by Recorded Future. The ransomware-as-a-service operation is part of a growing movement where attackers steal and leak data to pressure victims into paying a demand….