Tag Archive for: Encryption

BianLian Ransomware Pivots From Encryption to Pure Data-Theft Extortion

/in


The BianLian ransomware group is ramping up its operations and maturing as a business, moving more swiftly than ever to compromise systems. It’s also moving away from encryption to pure data-theft extortion tactics, in cyberattacks that have so far bagged at least 116 victims, researchers have found.

BianLian, first discovered last July, hasn’t deviated much from its initial tactic: deploying a custom go-based backdoor once it infiltrates a network. The functionality of the malware essentially remains the same except for a few tweaks, researchers from Redacted said in a blog post published today.

However, the swiftness with which the group’s command-and-control server (C2) deploys the backdoor has increased, and the group notably has moved away from ransoming encrypted files to focusing more on pure data-leak extortion as a means to extract payments from victims, the researchers said.

“BianLian has discovered that they don’t need to actually encrypt victim networks to get paid,” Adam Flatley, vice president of intelligence at Redacted, says.

This shift to focus on data-leak extortion is “extremely dangerous,” because it allows the group to take the time and effort to tailor the threats to specific victims and exert more pressure to pay ransoms, he adds.

“BianLian will have an even stronger pressure position on trying to force their victims to not work with the FBI, to not report the incident, and just pay the ransom and move on,” Flatley says.

BianLian’s motivation for changing its encryption strategy is likely a response to Avast’s release of an encryption tool for organizations that have been targets of the group to unlock their files, the researchers noted.

Given that BianLian has used double-extortion methods from the outset — threatening to release a victim organization’s stolen data online if a ransom wasn’t paid by a certain deadline — the group decided to skip the encryption step and go right to extortion, according to Redacted.

Maturing As a Cyberattack Business

This shift is part of BianLian’s overall evolution and maturation as a business, the researchers said. While from its inception the group has had “a high level of operational security and skill in network…

Source…

Tech Deep Dive- Apple Advanced Data Protection for iCloud Explained

/in



CISA, FBI recovery tool no match for updated ESXiArgs ransomware encryption

/in



Malwarebytes researchers noted that vulnerable VMware ESXi virtual machines impacted with the updated ESXiArgs ransomware could not be decrypted with the data recovery script issued by the …

Source…

Researchers claim method to break encryption using existing quantum computer

/in


A group of Chinese researchers has claimed to be able to break a widely used encryption scheme with a quantum computer that already exists, creating a possible boon for surveillance and a crisis for data protection.

The two dozen researchers from seven research institutions in China authored a paper describing a method using a 372-qubit computer to break RSA encryption instead of the theoretical quantum computer with tens of millions of qubits that was previously thought to be needed.

The implications are serious.

CONGRESS WANTS FEDERAL AGENCIES TO DEPLOY QUANTUM-SAFE ENCRYPTION

“Quantum computing has the capability to break the encryption on which most enterprises, digital infrastructures, and economies rely, rendering today’s encryption methods useless,” said Bryan Ware, CEO of LookingGlass Cyber Solutions. “That means that all secrets are at risk — nuclear weapons, banks, business IP, intelligence agencies, among other things, are at risk of losing their confidentiality and integrity.”

Quantum computing is still in its infancy, but cybersecurity experts have worried that quantum computers will eventually become powerful enough to break popular encryption schemes within minutes instead of the thousands of years needed by conventional modern computers. That possibility was supposed to be several years away, however.

Just in December, Congress enacted a law requiring the Office of Management and Budget to prioritize federal agencies’ acquisition of IT systems using post-quantum cryptography in an effort to deal with future advances in quantum computing.

But if the Chinese researchers are correct, the future is now. In November 2022, IBM announced it had built a working 433-qubit computer, larger than the quantum computer the researchers say is needed to break RSA encryption.

Still, the researchers’ claims have been met with skepticism in some cybersecurity circles.

The Chinese research is theoretical, and the underlying research it’s based on is “highly controversial,” Ware told the Washington Examiner. The paper may…

Source…