Tag Archive for: firms

Feds disrupt major ransomware group targeting schools, law firms, hospitals

/in


The U.S. Department of Justice has disrupted a major ransomware group — and enabled some people to restore their systems — with South Florida playing a central role in the cybercrime investigation, authorities said.

The FBI this month seized several websites operated by the Blackcat ransomware group, launched a disruption campaign, and “gained visibility” into the group’s computer network, according to an affidavit supporting a search warrant unsealed Tuesday in the Southern District of Florida.

The FBI developed a decryption tool that allowed its field offices nationwide and international law enforcement partners to offer more than 500 affected victims the capability to restore their computer systems, the Justice Department said. To date, the FBI has saved victims from ransom demands totaling approximately $68 million.

“In disrupting the BlackCat ransomware group, the Justice Department has once again hacked the hackers,” said Deputy Attorney General Lisa Monaco in a statement Tuesday.

The FBI Miami Field Office is leading the investigation and the case involves federal prosecutors in Miami.

The Blackcat ransomware group is also known as ALPHV or Noberus. Ransomware is malicious software that denies individuals access to computer systems until one pays a ransom. Typically, cybercriminals encrypt an individual’s computer and then demand a ransom before decrypting it. Payment is usually requested in cryptocurrency and to addresses controlled by the criminals.

“With a decryption tool provided by the FBI to hundreds of ransomware victims worldwide, businesses and schools were able to reopen, and health care and emergency services were able to come back online,” she noted. “We will continue to prioritize disruptions and place victims at the center of our strategy to dismantle the ecosystem fueling cybercrime.”

A message from a ransomware attack. The FBI disrupted a major ransomware group — Blackcat — with South Florida playing a central role in the cybercrime investigation, authorities said.A message from a ransomware attack. The FBI disrupted a major ransomware group — Blackcat — with South Florida playing a central role in the cybercrime investigation, authorities said.

A message from a ransomware attack. The FBI disrupted a major ransomware group — Blackcat — with South Florida playing a central role in the cybercrime investigation, authorities said.

Over the past 18 months, ALPHV/Blackcat has become the second most prolific ransomware in the world based on the hundreds of millions of dollars in ransom paid by victims, the…

Source…

Eastern European energy, defense firms subjected to updated MATA attacks – SC Media

/in



Eastern European energy, defense firms subjected to updated MATA attacks  SC Media

Source…

Most Canadian firms pay a ransomware gang, latest CIRA survey suggests

/in


The vast majority of organizations in this country are still giving in and paying ransomware gangs after successful attacks, the annual survey of infosec pros by the Canadian Internet Registry Authority (CIRA) suggests.

That’s one possible conclusion from the results of an online survey of 500 Canadian cybersecurity professionals from organizations that had at least 50 employees that was released Tuesday by CIRA.

CIRA oversees the .ca registry.

Released in conjunction with Cybersecurity Awareness Month, the survey shows 41 per cent of respondents said their organization had experienced an attempted or successful cyber attack in the last 12 months. Of those, 23 per cent said that their organization had been a victim of a successful ransomware attack in the last 12 months, one per cent more than 2022.

And of those, 70 per cent said their organization paid ransom demands — and nearly a quarter of those paid up to $100,000. The responses are roughly similar to those of previous CIRA surveys. In 2022, 73 per cent of those hit by ransomware said their firm paid up, while 69 per cent said their firm paid a ransom in 2021.

The numbers “went the wrong way in terms of a trend this year,” admitted Jon Ferguson, CIRA’s general manager of cybersecurity.

“The challenge for a lot of organizations is if they’re not well prepared for an attack before it happens, remediation may not be easy,” he said. “So they perceive paying is the simplest resolution of the problem. Maybe they lack the ability to recover without getting access (to data) back.”

They may also be worried about damage to their reputation if word gets out about a ransomware attack, he added.

Asked why in 2023 an organization would not be well prepared for ransomware, Ferguson said some firms may have trouble understanding the threats new technologies adopted by IT will pose.

He also noted evidence in the survey numbers that IT pros recognize ransomware is a problem. Three-quarters of respondents said they would support a law forbidding organizations from making ransom payments. (That’s up from 64 per cent in the 2021 survey).

Among other troubling survey numbers pointed out to Ferguson, 64 per cent of…

Source…

Hackers exploited flaw in Eden Prairie firm’s software in record year for ransomware attacks

/in


Source…