Julian E. Barnes reports: The U.S. military has taken actions against ransomware groups as part of its surge against organizations launching attacks against American companies, the nation’s top cyberwarrior said on Saturday, the first public acknowledgment of offensive measures against such organizations. […] General Nakasone would not describe the actions taken by his commands, nor…
Category: Commentaries and Analyses
TSA issues security rules for rail operators
Lindsey O’Donnell-Welch reports: New cybersecurity requirements from the Transportation Security Administration (TSA) give freight railroads, passenger rail and rail transit operators a 24-hour deadline for reporting security incidents. Starting on Dec. 31, “high-risk” operators and owners across the rail sector must take a number of steps to bolster the cybersecurity of their systems. They must…
Who Is the Network Access Broker ‘Babam’?
Brian Krebs reports: Rarely do cybercriminal gangs that deploy ransomware gain the initial access to the target themselves. More commonly, that access is purchased from a cybercriminal broker who specializes in acquiring remote access credentials — such as usernames and passwords needed to remotely connect to the target’s network. In this post we’ll look at…
FBI says the Cuba ransomware gang made $43.9 million from ransom payments
Catalin Cimpanu reports: The US Federal Bureau of Investigations said today that the operators of the Cuba ransomware have earned at least $43.9 million from ransom payments following attacks carried out this year. In a flash alert sent out on Friday, the Bureau said the Cuba gang has “compromised at least 49 entities in five critical…
Z-CERT: “Small healthcare institutions are generally more vulnerable than large healthcare institutions, such as hospitals”
Interview with the director Wim Hafkamp and security specialist Jan Hanstede of Z-CERT by the DeCrisis manager Which type of healthcare institutions do you feel are the most vulnerable to such a threat? “Small healthcare facilities are generally more vulnerable than large healthcare facilities, such as hospitals. This is because they have less feeling for IT. They…
Double Extortion Ransomware Victims Soar 935%
Phil Muncaster reports: Researchers have recorded a 935% year-on-year increase in double extortion attacks, with data from over 2300 companies posted onto ransomware extortion sites. Group-IB’s Hi-Tech Crime Trends 2021/2022 report covers the period from the second half of 2020 to the first half of 2021. During that time, an “unholy alliance” of initial access brokers and…