Tag Archive for: agreement

UK among countries to sign ransomware payments agreement

/in


The UK is among more than 40 countries to have signed a pledge agreeing that central government funds should not be used to pay ransomware demands to cyber criminals.

A joint statement from the Counter Ransomware Initiative (CRI) said the countries “would lead by example” by not paying ransomware demands and “strongly discourage anyone” from doing so.

The UK’s National Cyber Security Centre (NCSC) has always advised businesses and individuals to never pay ransomware demands, and it has been long-standing Government policy to not do so.

The agreement has also been signed by countries including the US, Australia, Canada, France, Germany, Japan and South Korea, as well as Interpol.

Security minister Tom TugendhatSecurity minister Tom Tugendhat

Security minister Tom Tugendhat hailed the pledge ‘an important step forward’ (PA)

Security minister Tom Tugendhat said the agreement would help set a new “global norm”.

“Crime shouldn’t pay. That’s why the UK and her allies are demonstrating leadership on cybersecurity by pledging not to pay off criminals when they try and extort the taxpayer using ransomware,” he said.

“This pledge is an important step forward in our efforts to disrupt highly organised and sophisticated cyber criminals, and sets a new global norm that will help disrupt their business models and deter them from targeting our country.”

Ransomware is a type of malicious software used by cyber criminals which often encrypts or steals data once it has gained access to a computer system.

The victim is then told to pay a large fee – often in cryptocurrency, which is harder to trace – in order to get their files back.

However, cybersecurity experts, including those at the NCSC, argue that paying a fee only benefits the criminals as it provides an incentive to continue offending and it does not guarantee the release of the affected data – a stance the CRI has now publicly backed in the agreement.

NCSC chief operating officer Felicity Oswald said: “Ransomware poses a significant threat to organisations in the UK and around the world and so international collaboration is essential for bearing down on cyber-criminal operations.

“The joint statement today demonstrates that the UK and a like-minded community of countries…

Source…

Eight years since the Obama-Xi agreement, Chinese hacking is worse than ever

/in


SAN FRANCISCO — Eight years ago, the United States and China reached an historic treaty agreement that was designed, in part, to end a persistent deluge of cyberattacks targeting American businesses to steal their corporate secrets and intellectual property.

At the time, then-President Barack Obama lauded the agreement in a joint press conference with China President Xi Jinping, saying it marked a “common understanding” between the two nations “that neither the U.S. or the Chinese government will conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information for commercial advantage.”

Eight years later, that sentiment has aged like warmed over milk.

Chinese hackers did not stop targeting American businesses, but according to security experts at Google, they have evolved to become significantly more aggressive and innovative in the years since.

“I’ll tell you investigating intrusions that are orchestrated by China threat actors today are very different than investigating intrusions from … before the Obama/Xi treaty agreement in 2015,” said Charles Carmakal, chief technology officer at Google Mandiant, at an April 24 briefing held during the RSA 2023 Conference in San Francisco.  

Prior to the agreement, hackers associated with China were broad and unfocused in the businesses they hacked. Today, a range of threat groups operating in China or working directly on behalf of Beijing to target valuable actors and specific industries with laser-like precision, including defense contractors, telecommunications firms, government agencies and technology companies. Most of those industries tend to manage, own or operate chunks of IT infrastructure on behalf of hundreds, thousands or millions of clients, meaning they can offer a potential pathway to infecting downstream customers, the way Chinese hackers did in the 2021 Microsoft Exchange attacks.

Chinese threat groups’ strategies and tactics change since 2015 agreement

These have also altered their strategies and tactics to increasingly target edge devices like virtual private networks (VPN) and other remote access solutions, firewalls and hypervisors

Source…

Radiant Logic Signs Definitive Agreement to Acquire Brainwave GRC | News

/in


NOVATO, Calif.–(BUSINESS WIRE)–Feb 1, 2023–

Radiant Logic, the Identity Data Fabric company, announced today that it has entered into a definitive agreement to acquire Brainwave GRC, a leader in Identity Governance and Analytics (IGA) headquartered in France. Together, Radiant Logic and Brainwave GRC address a broad set of identity use cases, and the acquisition accelerates the companies’ shared vision of an Identity Data Fabric that uses the science of data to ensure the right information is in place to make the right policy decisions.

This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20230201005046/en/

“Demand is increasing for cyber security, governance and compliance solutions that help companies address the continually evolving security threats, especially as regulatory environments and fines become more prevalent,” said Joe Sander, CEO of Radiant Logic. “By joining forces with Brainwave we will be able to unlock tremendous value for current and future customers by unleashing the power of identity data to help truly transform an organization’s IT landscape. Our combined platform will allow organizations to add unprecedented agility and flexibility in their infrastructure and business processes, while improving business continuity and security posture and reducing the total cost of ongoing regulatory compliance and IAM or IGA programs.”

Cyril Gollain, CEO and co-founder of Brainwave GRC, stated: “Merging with Radiant Logic is the natural next step for Brainwave GRC, providing transformative value for both our customers and employees alike. Together, this combined platform offers exceptional new insight into the role of identity data in the enterprise, and accelerates innovations in the area of analytics and IGA. We are delighted to benefit from Radiant Logic’s proven success, and when combined with our experience and reach in EMEA, it will allow us both to further expand and flourish.”

The acquisition will strengthen both Radiant Logic and Brainwave GRC’s respective market positions as identity, analytics and intelligence experts by offering a new lightweight…

Source…

Group-IB, sirar by stc sign agreement to bolster KSA cybersecurity benchmarks

/in


Dubai — Group-IB, one of the global leaders in cybersecurity, is pleased to announce that it has signed a partnership agreement with sirar by stc, a cutting-edge Saudi cybersecurity provider. The agreement was signed in the presence of Mohammad Flaifel, Group-IB’s Regional Sales Manager for Saudi Arabia, and Abdulrahman Al Manea, Chief Product and Marketing Officer of sirar by stc, in the Saudi capital, Riyadh.

The agreement paves the way for Group-IB to provide its full stack of threat hunting and intelligence solutions, recognized as some of the best in class by Gartner, IDC, Frost & Sullivan, and KuppingerCole Analysts AG, to sirar by stc to bolster the cybersecurity options available to companies and organizations in Saudi Arabia. These solutions include Group-IB’s best of breed Attack Surface Management and Digital Risk Protection solutions. sirar by stc will be able to offer Group-IB’s solutions as a managed service to their customers, to ensure that they have better visibility on their attack surface. 

 

Fig 1 – Group-IB’s trailblazing Attack Surface Management solution

“Group-IB is delighted to deepen its cooperation with sirar by stc, a leading player in Saudi Arabia’s digital security transformation. Group-IB considers this to be a milestone achievement for the company. Group-IB is looking forward to offering its sector-leading expertise and extensive knowhow to sirar by stc, and we will look to enrich the services catalog that sirar by stc provides to its trusted clients. We see this partnership as a way to contribute to the continuing uptick in cybersecurity benchmarks in Saudi Arabia,” Ashraf Koheil, Group-IB’s Regional Sales Director META, said.

“Our partnership with Group-IB underscores our continued commitment towards enhancing the cybersecurity detection and protection within the Kingdom of Saudi Arabia. This collaboration allows sirar by stc to provide best in class Attack Surface Management and Digital Risk Protection to our customers, allowing them with the confidence to identify and protect against threats that might impact their business.” Abdulrahman Al Manea. Chief Product and Marketing Officer from sirar by stc,…

Source…