Ransomware Payments Are Down

Schneier on Security

Chainalysis reports that worldwide ransomware payments were down in 2022. Ransomware attackers extorted at least $456.8 When we published last year’s version of this report, for example, we had only identified $602 million in ransomware payments in 2021.

Mass Ransomware Attack

Schneier on Security

A vulnerability in a popular data transfer tool has resulted in a mass ransomware attack: TechCrunch has learned of dozens of organizations that used the affected GoAnywhere file transfer software at the time of the ransomware attack, suggesting more victims are likely to come forward.

10 Mistakes Companies Make in Their Ransomware Responses

Dark Reading

Hit by ransomware? These missteps can take a bad scenario and make it even worse

Ransomware Profitability

Schneier on Security

Analyzing cryptocurrency data, a research group has estimated a lower-bound on 2020 ransomware revenue: $350 million, four times more than in 2019. Ransomware is now an established worldwide business.

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Through a detailed analysis of major attacks and their consequences, Karl Camilleri, Cloud Services Product Manager at phoenixNAP, will discuss the state of ransomware and future predictions, as well as provide best practices for attack prevention and recovery.

Decrypting Hive Ransomware Data

Schneier on Security

Nice piece of research: Abstract: Among the many types of malicious codes, ransomware poses a major threat. Ransomware encrypts data and demands a ransom in exchange for decryption. In this paper, we analyzed Hive ransomware, which appeared in June 2021.

Double-Encrypting Ransomware

Schneier on Security

This seems to be a new tactic: Emsisoft has identified two distinct tactics. In the first, hackers encrypt data with ransomware A and then re-encrypt that data with ransomware B.

Researchers Quietly Cracked Zeppelin Ransomware Keys

Krebs on Security

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “Zeppelin” in May 2020. “The minute you announce you’ve got a decryptor for some ransomware, they change up the code,” James said.

FBI takes down Hive ransomware group

Tech Republic Security

Working with international law enforcement, the FBI said it has seized control of the servers the Hive group uses to communicate with members.

The DarkSide Ransomware Gang

Schneier on Security

The New York Times has a long story on the DarkSide ransomware gang.

Microsoft retracts its report on Mac ransomware

Tech Republic Security

A publication from Microsoft that was taken down January 6 warns about four ransomware families affecting macOS devices.

Ransomware Is Getting Ugly

Schneier on Security

Modern ransomware has two dimensions: pay to get your data back, and pay not to have your data dumped on the Internet. The Colonial Pipeline is another current high-profile ransomware victim.

How ransomware attacks target specific industries

Tech Republic Security

Analyzing over 100 prominent ransomware incidents, Barracuda found the top targeted sectors to be education, municipalities, healthcare, infrastructure and financial.

Ransomware attacks are decreasing, but companies remain vulnerable

Tech Republic Security

Only 25% of the organizations surveyed by Delinea were hit by ransomware attacks in 2022, but fewer companies are taking proactive steps to prevent such attacks.

Ransomware Defense: Top 5 Things to do Right Now

Threatpost

Matt Bromiley, senior consultant with Mandiant Managed Defense, discusses the top tricks and tips for protecting enterprise environments from ransomware.

Negotiating with Ransomware Gangs

Schneier on Security

Thus, the decision whether to pay or ignore a ransomware demand, seems less of a legal, and more of a practical, determination - almost like a cost-benefit analysis. When confronted with a ransomware attack, the options all seem bleak.

BECs double in 2022, overtaking ransomware

Tech Republic Security

Ransomware Shuts Down US Pipeline

Schneier on Security

This is a major story: a probably Russian cybercrime group called DarkSide shut down the Colonial Pipeline in a ransomware attack. This is the new and improved ransomware attack: the hackers stole nearly 100 gig of data, and are threatening to publish it.

Ransomware gangs’ harassment of victims is increasing

Tech Republic Security

Ransomware attacks skyrocket as threat actors double down on U.S., global attacks

Tech Republic Security

New studies by NCC Group and Barracuda Networks show threat actors are increasing ransomware exploits, with consumer goods and services receiving the brunt of attacks and a large percentage of victims being hit multiple times.

Recognize the commonalities in ransomware attacks to avoid them

Tech Republic Security

Learn how your organization can use the MITRE ATT&CK framework to prevent data breaches, fines, and the loss of clients and customers induced by ransomware threats.

Ransomware Group Debuts Searchable Victim Data

Krebs on Security

The latest innovation in ratcheting up the heat comes from the ALPHV/BlackCat ransomware group, which has traditionally published any stolen victim data on the Dark Web.

Insurance and Ransomware

Schneier on Security

As ransomware becomes more common, I’m seeing more discussions about the ethics of paying the ransom. However, the most pressing challenge currently facing the industry is ransomware.

DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized

Krebs on Security

The DarkSide ransomware affiliate program responsible for the six-day outage at Colonial Pipeline this week that led to fuel shortages and price spikes across the country is running for the hills. “Ransomware has gathered a critical mass of nonsense, b t, hype, and fuss around it.

Breaking the Zeppelin Ransomware Encryption Scheme

Schneier on Security

Disrupting Ransomware by Disrupting Bitcoin

Schneier on Security

Ransomware isn’t new; the idea dates back to 1986 with the “Brain” computer virus. This is where the suggestion to ban cryptocurrencies as a way to “solve” ransomware comes from.

Royal ransomware spreads to Linux and VMware ESXi

Tech Republic Security

A new Linux version of Royal ransomware is targeting VMware ESXi virtual machines.

A Closer Look at the DarkSide Ransomware Gang

Krebs on Security

The FBI confirmed this week that a relatively new ransomware group known as DarkSide is responsible for an attack that caused Colonial Pipeline to shut down 5,550 miles of pipe, stranding countless barrels of gasoline, diesel and jet fuel on the Gulf Coast. The DarkSide ransomware note.

Inside Ireland’s Public Healthcare Ransomware Scare

Krebs on Security

The consulting firm PricewaterhouseCoopers recently published lessons learned from the disruptive and costly ransomware attack in May 2021 on Ireland’s public health system. PWC’s timeline of the days leading up to the deployment of Conti ransomware on May 14.

Cryptocurrency users in the US hit by ransomware and Clipper malware

Tech Republic Security

Learn how to protect your business and staff from the MortalKombat ransomware and Laplas Clipper malware.

Conti Ransomware Group Diaries, Part I: Evasion

Krebs on Security

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti, an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue.

How ransomware gangs operate like legitimate businesses

Tech Republic Security

Today’s ransomware groups act like regular businesses with PR and advertising, escrow services and even customer support, says Cybersixgill.

How Executive Cybersecurity Protection Limits Ransomware Threats

Security Boulevard

Ransomware, or malicious malware designed to shut down or block access to vital business data until ransom fees are paid, continues to disrupt organizations worldwide.

A Death Due to Ransomware

Schneier on Security

The Wall Street Journal is reporting on a baby’s death at an Alabama hospital in 2019, which they argue was a direct result of the ransomware attack the hospital was undergoing. If proven in court, the case will mark the first confirmed death from a ransomware attack.

Wanted: Disgruntled Employees to Deploy Ransomware

Krebs on Security

Criminal hackers will try almost anything to get inside a profitable enterprise and secure a million-dollar payday from a ransomware infection. ransomware-as-a-service gang actually includes a solicitation for insiders in the desktop wallpaper left behind on systems encrypted with the malware.

Documented Death from a Ransomware Attack

Schneier on Security

A Dusseldorf woman died when a ransomware attack against a hospital forced her to be taken to a different hospital in another city. UK hospitals had to redirect patients during the 2017 WannaCry ransomware attack, but there were no documented fatalities from that event.

FIN7 threat actor updated its ransomware activity

Tech Republic Security

Researchers from PRODAFT reveal that the infamous FIN7 threat actor updated its ransomware activities and provide a unique view into the structure of the group.

Ransomware Group Turns to Facebook Ads

Krebs on Security

It’s bad enough that many ransomware gangs now have blogs where they publish data stolen from companies that refuse to make an extortion payment. Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up.

Ransomware Attacks against Water Treatment Plants

Schneier on Security

According to a report from CISA last week, there were three ransomware attacks against water treatment plants last year. WWS Sector cyber intrusions from 2019 to early 2021 include: In August 2021, malicious cyber actors used Ghost variant ransomware against a California-based WWS facility.

Who Wrote the ALPHV/BlackCat Ransomware Strain?

Krebs on Security

In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “BlackCat”), considered to be the first professional cybercrime group to create and use a ransomware strain written in the Rust programming language.

Task Force Seeks to Disrupt Ransomware Payments

Krebs on Security

Some of the world’s top tech firms are backing a new industry task force focused on disrupting cybercriminal ransomware gangs by limiting their ability to get paid, and targeting the individuals and finances of the organized thieves behind these crimes.

Ransomware Now Leaking Stolen Documents

Schneier on Security

Originally, ransomware didn't involve any data theft. Now ransomware is increasingly involving both encryption and exfiltration. Recently, the aerospace company Visser Precision was hit by the DoppelPaymer ransomware.

Medical Debt Collection Firm R1 RCM Hit in Ransomware Attack

Krebs on Security

R1 RCM Inc. [NASDAQ:RCM], one of the nation’s largest medical debt collection companies, has been hit in a ransomware attack. R1 RCM acknowledged taking down its systems in response to a ransomware attack, but otherwise declined to comment for this story.