Tag: encryption
Ransomware is evolving into protection rackets
There is growing evidence that ransomware gangs are rapidly evolving into full-scale protection rackets. Ransomware gangs are increasingly returning to fleece their victims multiple times, even after the ransom has been paid. “Despite most victims agreeing to pay the ransom, less than half who did get their systems and data back uncorrupted. And most were breached again within a year,” says security company Cybereason’s report Ransomware: the true cost to business 2024. All of the 1008 enterprise IT professionals surveyed had been breached at least once in the past 24 months. While 84 percent paid the ‘ransom’, only 47 percent got their data and services back intact. But this new generation of ransomware attacks frequently do not stop – even once the ransom is paid. An astonishing 78 percent were breached again and 63 percent were asked to pay more the second time. In 36 percent of the cases, the second attack was carried out by the same gang that conducted the first.
British Library breach highlights new threat
The British Library, which houses about 14 million books plus manuscripts and items dating back to 2000 BC, was forced offline in October after refusing to pay a £600,000 ransomware demand. According to The Financial Times, the digital destruction caused by the “deep and extensive” ransomware attack means that the world-renowned library will now be forced to pay ten times that sum to rebuild its online services at a cost of £6 million to £7 million, taking it offline for up to a year. The British Library breach is further evidence of the devastating speed of the latest generation of ransomware attacks. Cybersecurity firm Sophos’s State of Ransomware 2023 report says that threat actors now succeed in encrypting data in 76 percent of ransomware attacks, up from 65 percent in 2022. According to Sophos, there has also been a 62 percent year-on-year rise in intentional remote encryption attacks since 2022
US Government Launches “Shields Ready” Cyber Resilience Campaign – November 9th
The US Department of Homeland Security (DHS), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Emergency Management Agency (FEMA) launched the "Shields Ready" cybersecurity campaign to promote critical national infrastructure (CNI). The "Shields Ready" campaign will tackle CNI by establishing focused strategic strategies to protect organizations from potential disruption, and by building cyber-resilient systems.
Ransomware Attacks Double Over Past Two Years – November 7th
Ransomware Attacks Double Over Past Two Years Akamai Technologies found that organizations
Plastic surgeons and patients targeted in extortion rackets
The Federal Bureau of Investigation (FBI) warns that cybercriminals and online blackmailers are targeting plastic surgeons to harvest electronically protected health information (ePHI) on their patients. Personal ePHI includes sensitive information and photographs, enabling the cybercriminals to extort money from the patients themselves as well as from plastic surgery practices, something that could prove lucrative to blackmailers targeting wealthy celebrities who are in the public eye.
Google responds to increase in malware-related money theft – October 13th
Google has warned users of Android devices to take specific precautionary measures to prevent malware infection. This warning comes after a reported increase in malware aimed at stealing information and money. Precautionary measures advised by the service provider include turning on Google Play Protect, updating software, and removing untrusted apps.
Microsoft One Drive doubles as ransomware tool
Microsoft's OneDrive includes built in ransomware detection and recovery and is marketed as a safe place to store sensitive documents. However, SafeBrach Researcher, Or Yair, was able to demonstrate its worrying capability to be used by the very criminals it was built to protect against.