Tag Archive for: Encounters

We must treat cyber wars the same as we treat conventional military encounters

/in


Pictures and videos emanating from Ukraine show the widespread destruction wrought by Russian troops during a year-long war that continuously generates news coverage. But there is another side to this conflict that is lesser known and harder to see.

A parallel war has been running alongside Russia’s conventional ground invasion, one that involves unrelenting cyber attacks across various segments of Ukrainian society, if with less success than many experts initially anticipated. Mixed results aside, this cyber warfare at times has been significant enough that lines are being blurred between where cyber attacks stop and conventional warfare begins.

Since the start of the invasion in late February 2022, Russian actors have attacked Ukraine with two primary goals: to damage critical infrastructure and to exfiltrate or destroy data. According to Ukraine’s Computer Emergency Response Team, more than 2,000 cyber attacks plagued Ukraine in 2022 alone. Taking it a step further, at least eight different forms of malware have been used by Russian saboteurs in the past year, according to Microsoft, 40 percent of which were targeted at “critical infrastructure sectors.” Other targets included Ukrainian government websites, financial institutions, energy and communication service providers, and media outlets.

Russia’s intense use of cyber attacks in Ukraine predates its ground invasion by at least eight years. When Russia invaded the Crimean Peninsula in 2014, suspected Russian hackers knocked out power to 230,000 customers in western Ukraine. Two years later, suspected Russian hackers used malware to disrupt Ukrainian airports, railways and banks. One month before its ground invasion last February, Russia launched a massive cyber attack targeting government institutions in an attempt to weaken Ukraine’s position ahead of the impending military action.

These types of crimes aren’t unique to Ukraine and exist in the absence of active war. In 2007, hackers attacked Estonia in what is believed to be the first major cyberattack on an entire country, crippling banks, government websites and media companies. Closer to home, a ransomware attack in 2021 disabled the…

Source…

Cyber insurance market encounters ‘crisis moment’ as ransomware costs pile up

/in


Written by Tim Starks
Aug 23, 2021 | CYBERSCOOP

It’s a sure sign of trouble when leading insurance industry executives are worried about their own prices going up.

Two separate CEOs of major insurance giants remarked in recent weeks about a considerable jump in cyber insurance premium prices: AIG’s chief executive said rates increased by 40% for its clients, while Chubb’s chief executive said that company was charging more, too.

Rather than welcoming the trend, Chubb CEO Evan Greenberg offered a warning. Those price increases, he said, still don’t reflect the grave risk that a catastrophic cyber event poses. “That is not addressing by itself the fundamental issue,” he said.

Those are just two data points about how, in the past year, the evolution of ransomware has radically altered the landscape of cyber insurance, according to analysts inside and outside the industry. Cyber insurance covers a range of ransomware-related costs, like extortion demands, remediation efforts and other losses.

Ransomware now accounts for 75% of all cyber insurance claims, up from 55% in 2016, according to the credit ratings agency AM Best. The percentage increase in claims is outpacing that of premiums, said a June report which concluded that “the prospects for the cyber insurance market are grim.” Fitch Ratings in April found that the ratio of losses to premiums earned was at 73% last year, jeopardizing the profitability of the industry.

A lack of profitability could lead to yet more premium increases, insurers fleeing the cyber insurance market or policyholders receiving more limited coverage. Problems in the cyber insurance marketplace stand to limit its ability to be a force for effective data protection techniques in the wider private sector, as clients look to insurers for guidance on specific security tools and measures.

“For the cyber insurance market, we are in the very first and most pivotal challenge that we’ve ever had,” said Michael Phillips, chief claims officer for Resilience. “This is our crisis moment.”

There’s less agreement about what could turn things around. Some changes are underway, with…

Source…

Strange “ransomware” title pushes surveys, knows Close Encounters tune

/in

A popup box displayed on computers infected by Shadowlock.
Symantec

If your PC’s CD tray opens and you hear the iconic, five-note tune from the movie Close Encounters of the Third Kind, it’s probably not a visit from aliens. Chances are it’s a newly discovered piece of malware with some highly unusual characteristics.

Trojan.Shadowlock belongs to a category of malicious software known as ransomware, which typically locks down data and resources until the victim pays a hefty fee. But in this case, according to Symantec researchers, the malware demands the user of the disabled computer complete an online survey.

Shadowlock isn’t as nasty as other ransomware samples that threaten criminal prosecutions based on trumped up charges and then extort fees that can be in the hundreds of dollars. That’s because this latest threat, which was created with Microsoft’s .Net developer tool, can be easily bypassed. Still, it contains several dormant functions that could be invoked in future versions. The ability to kill Chrome, Internet Explorer, and other browsers is one capability. Eating up disk space and disabling the Windows firewall is another.

Read 1 remaining paragraphs | Comments

    


Ars Technica » Technology Lab