Tag Archive for: extortion

Washington, D.C. police department hit by apparent extortion attack


WASHINGTON — The Washington, D.C., police department said Monday that its computer network was breached, and a Russian-speaking ransomware syndicate claimed to have stolen sensitive data, including on informants, that it threatened to share with local criminal gangs unless police paid an unspecified ransom.

The cybercriminals posted screenshots on their dark website supporting their claim to have stolen more than 250 gigabytes of data.

The District of Columbia’s Metropolitan Police Department said in a statement that it had asked the FBI to investigate the “unauthorized access.” There was no indication that any police operations were affected, and the department did not immediately say whether it had been hit by ransomware.

The Babuk group, a relatively new ransomware gang, said on its website that it had “downloaded a sufficient amount of information from your internal networks” and gave the police three days to contact it or “we will start to contact gangs in order to drain the informants.”

Screenshots it posted suggested it has data from at least four computers, including intelligence reports, information on gang conflicts, the jail census and other administrative files. One of the images, apparently of network locations accessed by the criminals, showed a text document on one computer entitled “How To Restore Your Files.”

Such documents generally include instructions on how to contact the ransomware criminals, whose standard operating procedure is to exfiltrate sensitive data from networks they infiltrate as they sow malware that, once activated, encrypts data. Only after receiving payment do the criminals provide software keys that unscramble the data.

So far this year, 26 government agencies in the U.S. have been hit by ransomware, with cybercriminals releasing online data stolen from 16 of them, said ransomware analyst Brett Callow of the cybersecurity firm Emsisoft. Ransomware victims don’t always pay, often preferring the arduous task of rebuilding networks from backups.

The D.C. police department said it was taking the threat seriously.

“We are aware of unauthorized access on our server. While we determine the full impact and continue to…


Apple’s Ransomware Mess Is the Future of Online Extortion


On the day Apple was set to announce a slew of new products at its Spring Loaded event, a leak appeared from an unexpected quarter. The notorious ransomware gang REvil said they had stolen data and schematics from Apple supplier Quanta Computer about unreleased products, and that they would sell the data to the highest bidder if they didn’t get a $50 million payment. As proof, they released a cache of documents about upcoming, unreleased MacBook Pros. They’ve since added iMac schematics to the pile. 

The connection to Apple and dramatic timing generated buzz about the attack. But it also reflects the confluence of a number of disturbing trends in ransomware. After years of refining their mass data encryption techniques to lock victims out of their own systems, criminal gangs are increasingly focusing on data theft and extortion as the centerpiece of their attacks—and making eye-popping demands in the process.

“Our team is negotiating the sale of large quantities of confidential drawings and gigabytes of personal data with several major brands,” REvil wrote in its post of the stolen data. “We recommend that Apple buy back the available data by May 1.” 

For years, ransomware attacks involved the encryption of a victim’s files and a simple transaction: Pay the money, get the decryption key. But some attackers also dabbled in another approach—not only did they encrypt the files, but they stole them first and threatened to leak them, adding additional leverage to ensure payment. Even if victims could recover their affected data from backups, they ran the risk that the attackers would share their secrets with the entire internet. And in the past couple of years, prominent ransomware gangs like Maze have established the approach. Today incorporating extortion is increasingly the norm. And groups have even taken it a step further, as is the case with REvil and Quanta, focusing completely on data theft and extortion and not bothering to encrypt files at all. They’re thieves, not captors.

“Data encryption is becoming less of a part of ransomware attacks for sure,” says Brett Callow, a threat analyst at the antivirus firm Emsisoft. “In fact ‘ransomware attack’ is…


DATA443 ANNOUNCES NEW RANSOMWARE PRODUCT FOR ENDPOINTS IN RESPONSE TO ESCALATING INFECTION COSTS AND EXTORTION RISKS


Capability Removes Requirement for Physical Interaction by IT Staff, Perfect for Hospitals, Schools, Government & Manufacturing

RESEARCH TRIANGLE PARK, NC, April 01, 2021 (GLOBE NEWSWIRE) — Data443 Risk Mitigation, Inc. (“Data443®” or the “Company”) (OTCPK: ATDS), a leading data security and privacy software company, is pleased to announce that its latest privacy-centric endpoint technology – Data443 Ransomware Recovery Manager – is now available.

“The functionality of Data443 Ransomware Recovery Manager is a direct response to the escalating ransomware attacks experienced around the world on a daily basis,” said Jason Remillard, founder and CEO of Data443. “These attacks affect millions of organizations of all sizes and across all sectors – with a high number of attacks primarily targeting three sectors: financial services, healthcare and education.”

“Not only has the incident rate been increasing, the infection rates, costs, and true damages are also increasing year over year, and at an accelerated rate. It is no longer a matter of if but when a ransomware or virus attack hits a business. The Data443 Ransomware Recovery Manager solution was built for the modern enterprise with this attack landscape in mind, and its capabilities are designed to recover a workstation immediately upon infection to the last known business-operable state, without any end user or IT Administrator efforts.”

“Data security continues to be a growing concern for all stakeholders, and having a capability at hand to protect, respond and be back in full operations within minutes is a true differentiator for Data443 and our unique product stack. With the integrated power of Data Identification Manager and Data Archive Manager, we are able to ensure sensitive data is both archived and restored if there is any infection, and with virtually zero down time. Augmented with Data Classification and Data Governance capabilities within the larger Data443 product family, Ransomware Recovery Manager possesses unique capabilities unmatched in this market segment.”

“This new capability demonstrates our commitment to always deliver sophisticated and timely solutions…


Data extortion ransomware attacks on retailers up over 1,000% during pandemic


Retail organisations reported an increase in ransomware attacks using data extortion in 2020.

According to a new report from global cybersecurity technology company CrowdStrike, ransomware attacks surged during the pandemic: there were 142 data extortion attacks on retailers in 2020, making retail the fourth most-targeted industry globally, up 1,280% by the end of 2020 compared with the pre-pandemic level in Q1 2020.

Overall, during the year data extortion became the most used attack method across all sectors, with 1,430 incidents reported globally in 2020.

Ransomware is malicious software that infects computers and displays messages demanding a fee to be paid in order for a system to work again.

The most targeted sector in 2020 for this kind of attack was Industrials & Engineering, which recorded 229 successful attacks, followed by Manufacturing at 228 attacks and Technology at 145 attacks.

Although the retail sector may not have been hit the hardest, the estimated economic cost of ransomware attacks on retailers and their associated supply chains could be as high as $85bn to $193bn (£60bn to £138bn) globally.

North America recorded the highest levels of ransomware attacks in 2020 using data extortion at 947 incidents. This is 177% higher than Europe at 342 incidents in second place and 1,313% higher than Asia in third place at 67 incidents.

According to CrowdStrike, 72% of organisations surveyed said they were more concerned about ransomware attacks now, during the Covid-19 pandemic, than before the virus outbreak.
