Ransomware: Should Governments Hack Cybercrime Cartels?

Data Breach Today

Banning Ransom Payments and Unleashing Offensive Hacking Teams Being Mooted
With ransomware continuing to fuel a massive surge in illicit profits, some experts have been calling on governments to launch offensive hacking teams to target cybercrime cartels.

DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized

Krebs on Security

The DarkSide ransomware affiliate program responsible for the six-day outage at Colonial Pipeline this week that led to fuel shortages and price spikes across the country is running for the hills. “Ransomware has gathered a critical mass of nonsense, b t, hype, and fuss around it.

A Closer Look at the DarkSide Ransomware Gang

Krebs on Security

The FBI confirmed this week that a relatively new ransomware group known as DarkSide is responsible for an attack that caused Colonial Pipeline to shut down 5,550 miles of pipe, stranding countless barrels of gasoline, diesel and jet fuel on the Gulf Coast.

Government Software Supplier Hit By Ransomware

Data Breach Today

Louisiana Government Recovering From Ransomware Attack

Data Breach Today

Governor Describes 'Aggressive' Incident Response Efforts
After a ransomware attack on Monday forced Louisiana's government to take several servers and websites offline to prevent the malware from spreading, state officials spent Tuesday restoring online services

Do Ransomware Operators Have a Russian Government Nexus?

Data Breach Today

Maze was one of the most notorious and successful ransomware operations of recent years until its apparent "retirement" and handover to Egregor in November 2020. Some rivals have suggested both groups have ties to the Russian government.

White House Presses Russia on JBS Ransomware

Data Breach Today

Experts Say Ransomware Hasn't Slowed Down Since Colonial Pipeline
The White House says on Tuesday it has contacted Russia regarding the ransomware attack against JBS SA, the multinational meat producer.

Ransomware Is Getting Ugly

Schneier on Security

Modern ransomware has two dimensions: pay to get your data back, and pay not to have your data dumped on the Internet. The Colonial Pipeline is another current high-profile ransomware victim.

Ryuk Ransomware Updated With 'Worm-Like Capabilities'

Data Breach Today

Prolific Ransomware Can 'Spread Automatically' Inside Networks, CERT-FR Warns
Prolific Ryuk ransomware has a new trick up its sleeve. "A

Ransomware Increasingly Hits State and Local Governments

Data Breach Today

Yet These Victims Are Less Likely to Pay Any Ransom, Recorded Future Finds
Over the past two years, the number of ransomware attacks against state and local government agencies has increased. But at the same time, these victims are paying less to attackers. A new analysis by threat intelligence firm Recorded Future asks: Why the discrepancy

Ransomware Increasingly Targeting Small Governments

Dark Reading

To get back up and running quickly, and because it's cheaper, city and county governments often pay the ransom, especially if insurance companies are footing the bill. The result: More ransomware

Government Employees Unprepared for Ransomware

Dark Reading

Data shows 73% are concerned about municipal ransomware threats but only 38% are trained on preventing these attacks

Texas Says 22 Local Government Agencies Hit by Ransomware

Data Breach Today

'Single Threat Actor' Suspected; Government Coalition Urges Greater Prevention
Ransomware-wielding attackers continue to target not just big businesses and large government agencies, but increasingly their smaller counterparts too. In Texas, officials say a campaign tied to a "single threat actor" infected 22 local government agencies on Friday

CERT France – Pysa ransomware is targeting local governments

Security Affairs

CERT France is warning of a new wave of attacks using Pysa ransomware (Mespinoza) that is targeting local governments. CERT France cyber-security agency is warning about a new wave of ransomware attacks that are targeting the networks of local government authorities.

City of Albany Latest Local Government Hit With Ransomware

Data Breach Today

Attack Comes After Others That Targeted Counties
Albany, New York, is the latest unit of local government hit with ransomware in recent weeks, following similar attacks reported in Georgia and North Carolina that crippled government IT systems and disrupted service for local residents

Govt. Services Firm Tyler Technologies Hit in Apparent Ransomware Attack

Krebs on Security

The company declined to discuss the exact cause of the disruption, but their response so far is straight out of the playbook for responding to ransomware incidents.

Texas Government Agencies Hit by Ransomware

Adam Levin

The local governments and agencies from twenty-three Texas towns were hit by a coordinated ransomware campaign last week. The Texas Department of Information Resources (DIR) became aware of the ransomware campaign after being contacted by the municipal governments of several towns that were unable to access critical files. Although the DIR has released few details about the ransomware campaign, they did confirm that it originated from a single “threat actor.”

Biden: Russian Government Not Behind Colonial Pipeline Attack

Data Breach Today

But President Says Attackers Reside in Russia
President Joe Biden says the Russian government was not behind the ransomware attack that struck Colonial Pipeline Co.

Coordinated Ransomware Attack Hits 23 Texas Government Agencies

Threatpost

Researchers say that the targeted ransomware cyberattack on 23 Texas local and state entities represents a shift from "attacks of opportunity" to more targeted, malicious attacks.

Ransomware Victims That Pay Up Could Incur Steep Fines from Uncle Sam

Krebs on Security

Companies victimized by ransomware and firms that facilitate negotiations with ransomware extortionists could face steep fines from the U.S. federal government if the crooks who profit from the attack are already under economic sanctions, the Treasury Department warned today.

Fighting Ransomware: A Call for Cryptocurrency Regulation

Data Breach Today

Coalition Offers a Framework for Disrupting Attacks
A coalition of government agencies and security firms has released a framework for how to disrupt ransomware attacks that calls for expanded regulation of the global cryptocurrency market to better track the virtual coins paid to cybercriminals during extortion schemes.

Evil by a Different Name: Crime Gang Rebrands Ransomware

Data Breach Today

WastedLocker Ransomware From Evil Corp Disguised as PayloadBin to Avoid Sanctions
If you're a Russian cybercrime gang feeling the heat after being sanctioned by the U.S. government, why not rebrand?

Avaddon Ransomware Operation Calls It Quits, Releases Keys

Data Breach Today

2,934 Decryption Keys Released for Free; Emsisoft Rushes Out Full Decoder
The prolific Avaddon ransomware-as-a-service operation has announced its closure and released 2,934 decryption keys for free.

REvil Ransomware Gang Spill Details on US Attacks

Threatpost

The REvil ransomware gang is interviewed on the Telegram channel called Russian OSINT.

Conti ransomware demanded $20M ransom to Ireland Health Service Executive

Security Affairs

Ireland Health Service Executive (HSE) refuses to pay a $20 million ransom demand after its systems were hit by the Conti ransomware gang. Ireland’s Health Service Executive that was forced to shut down its IT systems on Friday after being targeted with a significant ransomware attack.

FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals

Krebs on Security

On Monday, Oct. 26, KrebsOnSecurity began following up on a tip from a reliable source that an aggressive Russian cybercriminal gang known for deploying ransomware was preparing to disrupt information technology systems at hundreds of hospitals, clinics and medical care facilities across the United States. “Multiple hospitals have already been significantly impacted by Ryuk ransomware and their networks have been taken offline,” Carmakal said.

Experts Warn: Targeted Ransomware Attacks to Surge

Data Breach Today

McAfee and Microsoft Analysts Review 'Ransomware as a Service' Trends
Targeted ransomware attacks against enterprises and government agencies are likely to surge in the coming months as "ransomware as a service" continues to evolve into a lucrative model for cybercriminals, security experts interviewed at RSA 2020 warn.

Conti ransomware gang also breached Ireland Department of Health (DoH)

Security Affairs

Conti ransomware also breached the network of Ireland’s Department of Health (DoH) but the ransomware failed to encrypt the systems. Researchers from BleepingComputer revealed that the Conti ransomware gang demanded a $20 million ransom.

Researchers Mixed on Sanctions for Ransomware Negotiators

Threatpost

Financial institutions, cyber-insurance firms, and security firms have all been put on notice by the U.S. Department of the Treasury.

City Pays Ransom Despite Pre-Ransomware Outbreak Hack Alert

Data Breach Today

DoppelPaymer Hit Comes as Ransomware Attacks - and Data-Leaking Shakedowns - Surge
The attack sounds ripped from an episode of TV show "24": Hackers have infiltrated a government network, and they're days away from unleashing ransomware.

Are Ransomware Attacks the New Pandemic?

Dark Reading

Ransomware has been a problem for decades, so why is government just now beginning to address it

REvil Ransomware spokesman releases an interview on recent attacks

Security Affairs

The REvil ransomware operators said in an interview on the “Russian OSINT” Telegram channel that they accidentally targeted United States-based firms.

Latest Ransomware Trends: Lessons to Learn

Data Breach Today

Learning From Difficult Recoveries and Advice in Government Alerts
As ransomware attacks on the healthcare sector continue to surge, entities should heed the lessons emerging from these incidents as well as the advice provided in alerts from government agencies, security experts say

Vancouver Metro Disrupted by Egregor Ransomware

Threatpost

Law enforcement announced global action against NetWalker Ransomware

Security Affairs

and EU law enforcement authorities allowed the seizure of the leak sites used by NetWalker ransomware operators. and Europe have seized the dark web sites used by NetWalker ransomware operators. and foreign government organizations.

Iranian Hacking Group Suspected of Deploying Ransomware

Data Breach Today

ClearSky: 'MuddyWater' APT Linked to Attacks Targeting Israel, Others
A hacking group with links to Iran's government is suspected of using ransomware in attempts to damage the systems of organizations in Israel and other countries, the security firm ClearSky reports

Georgia Election Data Hit in Ransomware Attack

Threatpost

With Election Day approaching, local governments need to be prepared for malware attacks on election infrastructure.

Ransomware at IT Services Provider Synoptek

Krebs on Security

Synoptek, a California business that provides cloud hosting and IT management services to more than a thousand customers nationwide, suffered a ransomware attack this week that has disrupted operations for many of its clients, according to sources.

Ransomware Protection in 2021

eSecurity Planet

The internet is fraught with peril these days, but nothing strikes more fear into users and IT security pros than the threat of ransomware. A ransomware attack is about as bad as a cyber attack can get.

What’s Next for Ransomware in 2021?

Threatpost

Ransomware response demands a whole-of-business plan before the next attack, according to our roundtable of experts.