Conti Ransomware Attacks Surging, US Government Warns

Data Breach Today

Advisory Urges Multifactor Authentication, Network Segmentation, Patching and More The pace of Conti ransomware attacks has been increasing, with more than 400 organizations globally having fallen victim, warns a joint cybersecurity advisory from the U.S.

Ransomware: Should Governments Hack Cybercrime Cartels?

Data Breach Today

Banning Ransom Payments and Unleashing Offensive Hacking Teams Being Mooted With ransomware continuing to fuel a massive surge in illicit profits, some experts have been calling on governments to launch offensive hacking teams to target cybercrime cartels.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Government Software Supplier Hit By Ransomware

Data Breach Today

Ransomware Gangs and the Name Game Distraction

Krebs on Security

It’s nice when ransomware gangs have their bitcoin stolen, malware servers shut down, or are otherwise forced to disband. Indeed, some of the most destructive and costly ransomware groups are now in their third incarnation. Another ransomware family tied to Evil Corp.

Louisiana Government Recovering From Ransomware Attack

Data Breach Today

Governor Describes 'Aggressive' Incident Response Efforts After a ransomware attack on Monday forced Louisiana's government to take several servers and websites offline to prevent the malware from spreading, state officials spent Tuesday restoring online services

DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized

Krebs on Security

The DarkSide ransomware affiliate program responsible for the six-day outage at Colonial Pipeline this week that led to fuel shortages and price spikes across the country is running for the hills. “Ransomware has gathered a critical mass of nonsense, b t, hype, and fuss around it.

Wanted: Disgruntled Employees to Deploy Ransomware

Krebs on Security

Criminal hackers will try almost anything to get inside a profitable enterprise and secure a million-dollar payday from a ransomware infection. ransomware-as-a-service gang actually includes a solicitation for insiders in the desktop wallpaper left behind on systems encrypted with the malware.

A Closer Look at the DarkSide Ransomware Gang

Krebs on Security

The FBI confirmed this week that a relatively new ransomware group known as DarkSide is responsible for an attack that caused Colonial Pipeline to shut down 5,550 miles of pipe , stranding countless barrels of gasoline, diesel and jet fuel on the Gulf Coast. The DarkSide ransomware note.

Do Ransomware Operators Have a Russian Government Nexus?

Data Breach Today

Maze was one of the most notorious and successful ransomware operations of recent years until its apparent "retirement" and handover to Egregor in November 2020. Some rivals have suggested both groups have ties to the Russian government.

New StopRansomware.gov website – The U.S. Government’s One-Stop Location to Stop Ransomware

IG Guru

Government launched a new website to help public and private organizations defend against the rise in ransomware cases. StopRansomware.gov is a whole-of-government approach that gives one central location for ransomware resources and alerts.

US: Chinese Government Waged Microsoft Exchange Attacks

Data Breach Today

China's Ministry of State Security Also Accused of Carrying Out Ransomware Attacks The Biden administration formally accused China's Ministry of State Security of conducting a series of attacks against vulnerable Microsoft Exchange servers earlier this year that affected thousands of organizations.

Task Force Seeks to Disrupt Ransomware Payments

Krebs on Security

Some of the world’s top tech firms are backing a new industry task force focused on disrupting cybercriminal ransomware gangs by limiting their ability to get paid, and targeting the individuals and finances of the organized thieves behind these crimes.

Ransomware Updates: Conti Attacks Rise, New Players Surface

Data Breach Today

government has been tracking an increase in the pace of attacks tied to Conti ransomware. The latest edition of the ISMG Security Report features an analysis of how the U.S. Also featured are what "protection" means today and building a new cybersecurity operating model

Ransomware Hits Brazilian National Treasury

Data Breach Today

Scope of Incident Remains Unclear The Brazilian government has confirmed that its National Treasury fell victim to a ransomware attack on Aug. The scope of the incident remains unclear, although officials say it did not damage structural systems

Constant Ransomware Business Refinements Boosting Profits

Data Breach Today

Former Head of GCHQ Highlights Need for Getting Basics Right, Plus Government Action Ransomware-wielding criminals continue to find innovative new ways to extort victims, develop technically and sidestep skills shortages by delivering ransomware as a service, said Robert Hannigan, the former head of U.K.

Ransomware Increasingly Hits State and Local Governments

Data Breach Today

Yet These Victims Are Less Likely to Pay Any Ransom, Recorded Future Finds Over the past two years, the number of ransomware attacks against state and local government agencies has increased. But at the same time, these victims are paying less to attackers. A new analysis by threat intelligence firm Recorded Future asks: Why the discrepancy

Texas Says 22 Local Government Agencies Hit by Ransomware

Data Breach Today

Single Threat Actor' Suspected; Government Coalition Urges Greater Prevention Ransomware-wielding attackers continue to target not just big businesses and large government agencies, but increasingly their smaller counterparts too. In Texas, officials say a campaign tied to a "single threat actor" infected 22 local government agencies on Friday

White House Presses Russia on JBS Ransomware

Data Breach Today

Experts Say Ransomware Hasn't Slowed Down Since Colonial Pipeline The White House says on Tuesday it has contacted Russia regarding the ransomware attack against JBS SA, the multinational meat producer.

Ransomware Increasingly Targeting Small Governments

Dark Reading

To get back up and running quickly, and because it's cheaper, city and county governments often pay the ransom, especially if insurance companies are footing the bill. The result: More ransomware

City of Albany Latest Local Government Hit With Ransomware

Data Breach Today

Attack Comes After Others That Targeted Counties Albany, New York, is the latest unit of local government hit with ransomware in recent weeks, following similar attacks reported in Georgia and North Carolina that crippled government IT systems and disrupted service for local residents

Government Employees Unprepared for Ransomware

Dark Reading

Data shows 73% are concerned about municipal ransomware threats but only 38% are trained on preventing these attacks

Ryuk Ransomware Updated With 'Worm-Like Capabilities'

Data Breach Today

Prolific Ransomware Can 'Spread Automatically' Inside Networks, CERT-FR Warns Prolific Ryuk ransomware has a new trick up its sleeve. "A

Texas Government Agencies Hit by Ransomware

Adam Levin

The local governments and agencies from twenty-three Texas towns were hit by a coordinated ransomware campaign last week. . The Texas Department of Information Resources (DIR) became aware of the ransomware campaign after being contacted by the municipal governments of several towns that were unable to access critical files. Although the DIR has released few details about the ransomware campaign, they did confirm that it originated from a single “threat actor.”

Data Breach Culprits: Phishing and Ransomware Dominate

Data Breach Today

Meanwhile, Breaches Involving Military Secrets and CCTV Footage Beset UK Government Phishing, ransomware and unauthorized access remain the leading causes of personal data breaches as well as violations of data protection rules, Britain's privacy watchdog reports.

CERT France – Pysa ransomware is targeting local governments

Security Affairs

CERT France is warning of a new wave of attacks using Pysa ransomware (Mespinoza) that is targeting local governments. CERT France cyber-security agency is warning about a new wave of ransomware attack that is targeting the networks of local government authorities.

Coordinated Ransomware Attack Hits 23 Texas Government Agencies

Threatpost

Researchers say that the targeted ransomware cyberattack on 23 Texas local and state entities represents a shift from "attacks of opportunity" to more targeted, malicious attacks. Government Malware cyberattack malware ransom ransomware state and government ransomware Texas government ransomware

Ransomware Is Getting Ugly

Schneier on Security

Modern ransomware has two dimensions: pay to get your data back, and pay not to have your data dumped on the Internet. The Colonial Pipeline is another current high-profile ransomware victim. Uncategorized cryptocurrency cybercrime doxing police ransomware

Govt. Services Firm Tyler Technologies Hit in Apparent Ransomware Attack

Krebs on Security

The company declined to discuss the exact cause of the disruption, but their response so far is straight out of the playbook for responding to ransomware incidents. Ransomware ransomware Tyler Technologies tylertech.com

Ransomware Victims That Pay Up Could Incur Steep Fines from Uncle Sam

Krebs on Security

Companies victimized by ransomware and firms that facilitate negotiations with ransomware extortionists could face steep fines from the U.S. federal government if the crooks who profit from the attack are already under economic sanctions, the Treasury Department warned today.

Biden: Russian Government Not Behind Colonial Pipeline Attack

Data Breach Today

But President Says Attackers Reside in Russia President Joe Biden says the Russian government was not behind the ransomware attack that struck Colonial Pipeline Co.

Insurance and Ransomware

Schneier on Security

As ransomware becomes more common, I’m seeing more discussions about the ethics of paying the ransom. However, the most pressing challenge currently facing the industry is ransomware. To date, the UK government has taken a light-touch approach to the cyber insurance industry.

Latest Ransomware Trends: Lessons to Learn

Data Breach Today

Learning From Difficult Recoveries and Advice in Government Alerts As ransomware attacks on the healthcare sector continue to surge, entities should heed the lessons emerging from these incidents as well as the advice provided in alerts from government agencies, security experts say

Evil by a Different Name: Crime Gang Rebrands Ransomware

Data Breach Today

WastedLocker Ransomware From Evil Corp Disguised as PayloadBin to Avoid Sanctions If you're a Russian cybercrime gang feeling the heat after being sanctioned by the U.S. government, why not rebrand?

Fighting Ransomware: A Call for Cryptocurrency Regulation

Data Breach Today

Coalition Offers a Framework for Disrupting Attacks A coalition of government agencies and security firms has released a framework for how to disrupt ransomware attacks that calls for expanded regulation of the global cryptocurrency market to better track the virtual coins paid to cybercriminals during extortion schemes.

REvil Ransomware spokesman releases an interview on recent attacks

Security Affairs

The REvil ransomware operators said in an interview on the “Russian OSINT” Telegram channel that they accidentally targeted United States-based firms. SecurityAffairs – hacking, REvil ransomware).

Experts Warn: Targeted Ransomware Attacks to Surge

Data Breach Today

McAfee and Microsoft Analysts Review 'Ransomware as a Service' Trends Targeted ransomware attacks against enterprises and government agencies are likely to surge in the coming months as "ransomware as a service" continues to evolve into a lucrative model for cybercriminals, security experts interviewed at RSA 2020 warn.

Tape Won’t Work for Ransomware Protection. Here’s Why.

eSecurity Planet

Tape vendors have been promoting themselves as a solution to the ransomware problem because of their ability to provide air-gapped data backup, but trying to recover terabytes of data from a tape drive can be a little like, well, running into red tape. Tape vs. Disk: The Ransomware Issues.

When Ransomware Comes to (Your) Town

Dark Reading

While steps for defending against a ransomware attack vary based on the size of the government entity and the resources available to each one, rooting out ransomware ultimately will come down to two things: system architecture and partnerships

FBI: COVID-19-Themed Phishing Spreads Netwalker Ransomware

Data Breach Today

Attacks Target Government Agencies and a Variety of Others The FBI is warning that attacks using a ransomware variant called Netwalker have increased since June, targeting government organizations, educational entities, healthcare firms and private companies in the U.S.

City Pays Ransom Despite Pre-Ransomware Outbreak Hack Alert

Data Breach Today

DoppelPaymer Hit Comes as Ransomware Attacks - and Data-Leaking Shakedowns - Surge The attack sounds ripped from an episode of TV show "24": Hackers have infiltrated a government network, and they're days away from unleashing ransomware.