Cybercrime Featured Government Leadership People

A Government Insider on Navigating the New Guidance for Ransomware Payments

When attorney David Cohen was serving in the Treasury Department under the Obama administration—where he was known as the administration’s “financial Batman”—ransomware payments were hardly on the government’s radar, he said. In recent years, however, the ransomware threat has rapidly expanded, crippling countless schools, hospitals, municipalities, and businesses on a daily basis….

Cybercrime Featured

An Early Interview With The Dark Overlord: The Hacking Group That Forever Changed Cyber Extortion

In early 2016, Recorded Future analysts observed a threat actor selling stolen healthcare databases containing patient records on an anonymous hacking forum. The actor, who used the moniker “thedarkoverlord,” would soon make a name outside of the cybersecurity community for extorting high-profile targets and publicly demanding ransom payments to stop the release of confidential data. The group would slowly release stolen documents—a playbook that has since been copied by a wide range of ransomware purveyors….

Chart of the Week Featured Government Nation-state

Cyber-Espionage Attacks Disproportionately Target These Industries

Industries frequently targeted by financially motivated cybercriminals, such as banks and healthcare organizations, are a low priority for attackers engaged in espionage, a new report from Verizon suggests. These attackers, typically linked to nation states, instead focus their efforts on industries that hold data like trade secrets, blueprints and classified government documents…

Cybercrime Featured Government Leadership Nation-state People

Ukraine’s Top Cyber Cop on Defending Against Disinformation and Russian Hackers

In recent years, Ukraine has become an involuntary testing ground for some of the most dangerous cyberweapons in the world. Serhii Demediuk has perhaps played the most prominent role in defending Ukraine against digital intrusions, investigating cyberattacks and the groups behind them, and strengthening the country’s capabilities in cyberspace….

Cybercrime Featured

Why Cybercrime Losses Continue to Soar

Losses related to cybercrime have steadily climbed from $1.1 billion in 2015 to $3.5 billion in 2019, according to the FBI’s Internet Crime Complaint Center, or IC3. One reason why cybercrime losses are increasing is that there are more cyberattacks than ever before. In 2015, there were about 288,000 cybercrime-related complaints to the FBI. Complaints soared to 350,000 in 2018 and hit a whopping 467,000 in 2019, according to IC3 statistics…

Featured Government Nation-state

Researchers Identify New Malware Campaigns Linked to Vietnamese Hacking Group

When it comes to state-sponsored hacking groups, big players such as China and Russia tend to get the most attention. But smaller nations are also continuously expanding their capabilities in cyberspace, often with regional goals in mind. Two studies published in recent days have shown that one of these groups—the Vietnamese state-sponsored threat group APT32, also known as OceanLotus—has expanded its efforts by targeting the country’s Southeast Asian neighbors with malware campaigns….

Cybercrime Featured Technology

Ex-Microsoft Employee Sentenced To 9 Years in Prison for Stealing $10 Million in Digital Currency

Sometimes the biggest threat to an organization’s data and IT systems is the employees who work there. A 26-year-old Ukrainian citizen who was found guilty of stealing millions of dollars in digital currency and using the proceeds to fund a lavish lifestyle was sentenced Monday by a federal judge in Seattle to nine years in prison and ordered to pay more than $8.3 million in restitution.

Cybercrime Featured

Double Extortion Ransomware May Be the New Normal

From July to September, a handful of new ransomware extortion websites emerged as cybercriminals embraced the tactic as a way to pressure organizations to pay demands, the report found. For example, several victims of the SunCrypt ransomware group—including a school system and hospital—had their data exposed on a website launched in August. In late September, operators associated with the Egregor ransomware family started posting samples of stolen data online, giving victims three days to pay the ransom before continuing the leak…

Featured Government

How An Anti-China Website Became a Megaphone for Election Misinformation

Last October, visitors to the recently launched GNews website would have seen headlines about China-related issues including Uyghur detention facilities, Hong Kong protests, and the destruction of Tibetan Buddhist sites. Visitors to the website today, however, are met with a stream of conspiracy theories involving presidential candidate Joe Biden and his family, lobbing far-flung allegations of incest, child trafficking, and rape…

Featured Government

Why Email Is Still an Election Day Disinformation Risk

As Election Day looms, federal officials, private companies, and information security experts are urging voters to be on guard for misleading information, especially from sites like Facebook, YouTube, and Twitter, where viral information can whipsaw across the country in the blink of an eye. But one disinformation vector may be hiding in plain sight: email….