Tag Archive for: Disrupt

How a ransomware attack would disrupt the food supply chain


Massive financial gains continue to be one of the top motivating factors behind cyberattacks.

The Information Technology – Information Sharing and Analysis Center (IT-ISAC) has been tracking ransomware incidents and trends since 2021.

Despite government and law enforcement efforts to take down malicious infrastructure, new ransomware strains continue to emerge.

The company just released its analysis of the 2023 ransomware landscape report and insights for 2024.

Jonathan Braley, Director of the Food and Ag-ISAC, joins Veronica Dudo to discuss.


U.S. officials warn of dire Chinese cyber threats in wake of FBI operation to disrupt botnet


The FBI and U.S. Department of Justice used court-endorsed legal authorities to disrupt a botnet operated as part of Chinese-directed hacking operations that leveraged insecure home and office routers to target U.S. critical infrastructure, the DOJ said Wednesday.

A Chinese government hacking campaign, tracked publicly as “Volt Typhoon,” used privately owned Cisco and NetGear routers infected with “KV Botnet” malware in an attempt to conceal the activity, the agency said in a statement. The DOJ and FBI operation, the agency added, “deleted the KV Botnet malware from the routers and took additional steps to sever their connection to the botnet, such as blocking communications with other devices used to control the botnet.”

An unidentified FBI agent described the operation in court records released Monday, writing that the bureau issued a command to infected routers that would delete the KV Botnet malware from the devices without affecting any legitimate files or information on the routers.

A December 2023 analysis by Lumen, a telecommunications company, showed that the KV Botnet had been active since “at least February 2022,” and targeted edge devices, including routers, “a segment that has emerged as a soft spot in the defensive array of many enterprises, compounded by the shift to remote work in recent years.”

Lumen observed an “uptick in exploitation of new bots” in August 2023, and then a “remodel” of the botnet infrastructure in mid-November 2023.

The disruption operation, first disclosed by Reuters on Monday, is the latest U.S. government action focused on Volt Typhoon, which first came to light in a May 2023 Microsoft advisory. That advisory was followed quickly by a joint advisory issued by the FBI, NSA, and the Cybersecurity and Infrastructure Security Agency that warned of Chinese hacking operations targeting U.S. critical infrastructure and other sensitive targets.

In the wake of the May 2023 disclosure, U.S. national security officials warned repeatedly that the Chinese operation was not an intelligence collection mission. Instead, officials said, it was a preparatory activity that the Chinese government could…


Feds disrupt major ransomware group targeting schools, law firms, hospitals


The U.S. Department of Justice has disrupted a major ransomware group — and enabled some people to restore their systems — with South Florida playing a central role in the cybercrime investigation, authorities said.

The FBI this month seized several websites operated by the Blackcat ransomware group, launched a disruption campaign, and “gained visibility” into the group’s computer network, according to an affidavit supporting a search warrant unsealed Tuesday in the Southern District of Florida.

The FBI developed a decryption tool that allowed its field offices nationwide and international law enforcement partners to offer more than 500 affected victims the capability to restore their computer systems, the Justice Department said. To date, the FBI has saved victims from ransom demands totaling approximately $68 million.

“In disrupting the BlackCat ransomware group, the Justice Department has once again hacked the hackers,” said Deputy Attorney General Lisa Monaco in a statement Tuesday.

The FBI Miami Field Office is leading the investigation and the case involves federal prosecutors in Miami.

The Blackcat ransomware group is also known as ALPHV or Noberus. Ransomware is malicious software that denies individuals access to computer systems until one pays a ransom. Typically, cybercriminals encrypt an individual’s computer and then demand a ransom before decrypting it. Payment is usually requested in cryptocurrency and to addresses controlled by the criminals.

“With a decryption tool provided by the FBI to hundreds of ransomware victims worldwide, businesses and schools were able to reopen, and health care and emergency services were able to come back online,” she noted. “We will continue to prioritize disruptions and place victims at the center of our strategy to dismantle the ecosystem fueling cybercrime.”

A message from a ransomware attack. The FBI disrupted a major ransomware group — Blackcat — with South Florida playing a central role in the cybercrime investigation, authorities said.

Over the past 18 months, ALPHV/Blackcat has become the second most prolific ransomware in the world based on the hundreds of millions of dollars in ransom paid by victims, the…


Biden Worries House Tumult Could Disrupt U.S. Aid to Ukraine: Live Updates


President Volodymyr Zelensky of Ukraine arriving at the European Political Community summit in Granada, Spain, on Thursday. Credit: Marcelo Del Pozo/Getty Images

President Volodymyr Zelensky of Ukraine arrived in Spain on Thursday to participate in a European summit aimed at strengthening cooperation across the continent amid concerns about waning support for his country as it faces another winter of Russian aggression.

The Ukrainian leader’s trip to the southern Spanish city of Granada came a day after President Biden expressed worries that the recent political turmoil in Congress could disrupt the flow of U.S. aid to Ukraine.

“I think it’s too late for us to worry. I think we have to work on it,” Mr. Zelensky told reporters at the summit when asked if he was concerned about a possible scaling back of U.S. military aid.

He said that he was confident that the United States would continue to support Ukraine’s war efforts, noting that meetings with Mr. Biden and with Congress members last month were positive.

Mr. Zelensky earlier said that the “joint goal” of those gathering in Granada was “to ensure the security and stability of our common European home.”

“We will pay special attention to the Black Sea region as well as our joint efforts to strengthen global food security and freedom of navigation,” he wrote on X, formerly Twitter. “Ukraine’s key priority, particularly as winter approaches, is to strengthen air defense.”

E.U. leaders are expected to discuss long-term financial aid for Ukraine at a summit planned later this month in Brussels. On Thursday, Ursula von der Leyen, the president of the European Commission, told reporters in Granada that what Ukraine needed was “predictability and reliability” on direct budget support.

“I’m very confident of support for Ukraine from the United States,” she said. “What the United States is working on is the timing.”

Thursday’s meeting in Granada comes amid concerns about potential cracks in Europe’s united front on Ukraine, as governments reckon with the economic and political costs of providing long-term support for Kyiv.

It is just the third meeting of the European Political Community, a…
