As part of its roll-out of news about the LockBit disruption, the governments involved have provided additional information and resources. One of the resources is an article by Secureworks. The summary of their article: Summary The GOLD MYSTIC threat group has operated the LockBit name-and-shame ransomware-as-a-service (RaaS) scheme since mid-2019, exploiting unauthorized access to thousands…
Category: Commentaries and Analyses
HHS’ Office for Civil Rights Settles Second Ever Ransomware Cyber-Attack for $40,000 and a Corrective Action Plan with OCR Monitoring
HHS OCR has announced a second enforcement settlement in a ransomware case. The 2019 breach involving Green Ridge Behavioral Health managed to fly mostly under the media radar at the time. DataBreaches was not even aware that it was a ransomware attack as when this site contacted Green Ridge back then to inquire about the…
Update on INTEGRIS Health data breach: incident response criticized by patients
In December, INTEGRIS Health disclosed a cyberattack in November in which threat actors contacted patients directly to extort them when INTEGRIS wouldn’t pay their demands. DataBreaches subsequently reported additional details. On February 6, INTEGRIS updated its breach notice. The updated website notice incorporates the kind of language that advocates for transparency and data protection may…
HC3: Analyst Note: Akira Ransomware
February 7, 2024 TLP:CLEAR Report: 202402071200 Executive Summary Akira ransomware is a relatively new ransomware gang that has demonstrated aggressive and capable targeting of the U.S. health sector in its short lifespan. U.S. healthcare organizations are advised to follow the steps in this alert to minimize their risk of attack. Overview Akira ransomware was first…
Ransomware Payments Exceed $1 Billion in 2023, Hitting Record High After 2022 Decline
Chainalysis got everyone’s attention with their new report. They write, in part: 2023 marks a major comeback for ransomware, with record-breaking payments and a substantial increase in the scope and complexity of attacks — a significant reversal from the decline observed in 2022, which we forewarned in our Mid-Year Crime Update. Ransomware payments in 2023 surpassed…
Protect Good Faith Security Research Globally in Proposed UN Cybercrime Treaty
Statement to be submitted by the Electronic Frontier Foundation, accredited under operative paragraph No. 9 of UN General Assembly Resolution 75/282, on behalf of 124 signatories. We, the undersigned, representing a broad spectrum of the global security research community, write to express our serious concerns about the UN Cybercrime Treaty drafts released during the sixth session and the most recent…