WASHINGTON – An indictment was unsealed today in the District of Columbia charging a Russian national with participating in a global ransomware campaign which deployed ransomware variants against victims in the District of Columbia, the United States, and around the world. Mikhail Pavlovich Matveev, alleged to use the online monikers Wazawaka, m1x, Broriscelcin, and Uhodiransomwar,…
Category: Commentaries and Analyses
Insured companies more likely to be ransomware victims, sometimes more than once
Maria Korolov reports: Back in 2019, fewer than 20% of enterprises suffered repeat ransomware attacks, while during the pandemic, the percentage rose to around 30%. And it didn’t stop with the pandemic, with 38% of organizations surveyed in 2022 reporting two or more successful ransomware attacks, those that attackers were able to lock systems, encrypt…
Russian National Charged with Ransomware Attacks Against Critical Infrastructure
The Justice Department today unsealed two indictments charging a Russian national and resident with using three different ransomware variants to attack numerous victims throughout the United States, including law enforcement agencies in Washington, D.C. and New Jersey, as well as victims in healthcare and other sectors nationwide. According to the indictment obtained in the District…
Our Definition of Harm Is Harmful
Bill Fitzgerald writes: In April 2023, the class action lawsuit against Illuminate Education was thrown out because the judge in the case determined that the people whose data was impacted by the breach could not show any harm, or any instances of identity theft, from the breach. This decision is both fully in line with past situations…
Ransomware corrupts data, so backups can be faster and cheaper than paying up
Simon Sharwood reports: Ransomware actors aim to spend the shortest amount of time possible inside your systems, and that means the encryption they employ is shoddy and often corrupts your data. That in turn means restoration after paying ransoms is often a more expensive chore than just deciding not to pay and working from our…
CrowdStrike finds new ransomware-as-a-service group targeting VMware ESXi servers (5 tips to fight back)
Nancy Liu reports: CrowdStrike discovered a new ransomware-as-a-service (RaaS) group — MichaelKors (formerly Qilin) — targeting VMware ESXi servers since last month. The VMware ESXi is a hypervisor that runs and manages virtual machines (VMs) directly on a dedicated host’s hardware. The products associated with the ESXi platform include VMware vSphere Hypervisor, vCenter, ONE Access or Identity…