Tag Archive for: Frankenstein

New Entrants to Ransomware Unleash Frankenstein Malware



Opportunistic, Less Sophisticated Hackers Test Limits of the Concept of Code Reuse


June 9, 2023    


Ransomware hackers are stretching the concept of code reuse to the limit as they confront the specter of diminishing returns for extortionate malware.


Users are more reluctant to pay even as opportunistic entrants, perhaps less sophisticated than their predecessors, join the market and show less willingness to abide by the ransomware trade-off: money for system restoration.

At the beginning of the year, experts who work with victims and track the cybercrime ecosystem, including via cryptocurrency flows, reported seeing fewer ransoms being paid and less being paid on average when victims did pay.

Cyber insurer Corvus reported that the percentage of its policyholders who paid a ransom dropped from 33% in 2021 to 28% in 2022. Ransomware incident response firm Coveware reported that for victims it assisted, 41% shelled out in 2022 versus 79% in 2019.

That constricting market – the result of hardening attitudes toward mainly Russian extortion groups and cyber defender activity – isn’t deterring new actors from attempting to cash in on the shrinking bonanza. In their haste to make money, some new players are picking over the discarded remnants of previous ransomware groups, cobbling together ransomware rather than going through the trouble of coding bespoke crypto-locking software.

Call it Frankenstein ransomware, said Allan…


Hacked Firms Face ‘Frankenstein’ of State-Based Cyber Notification Laws


Last summer, Katherine “Kitty” Green received some disturbing news about the computer network at Florida Gulf Coast University, where she oversees a foundation for private donors. An outside data provider warned it had detected that hackers sneaked into the university’s systems and might have made off with sensitive personal information of its benefactors.

Six months later, FGCU sent out notices to 5,498 financial supporters, offering free credit-monitoring and a hotline to call for more information. One reason it took so long is that, after consulting with technical and legal experts, the university concluded that under local laws, it would have to file different notifications in 16 different states.

“Every state has different questions, which makes it much more complicated to know what to do,” Green said. “It was definitely more time consuming than we’d imagined.”

Each of the 50 states has its own breach notification requirements, as do the District of Columbia, Puerto Rico and Guam.

With more businesses, governments and organizations succumbing to cyber-attacks, the lack of a clear and effective reporting standard for threats and breaches has taken on new urgency. Over the weekend, another massive hack of businesses came to light, this time of Microsoft Corp.’s widely used email software and affecting at least 60,000 known victims globally, according to a former senior U.S. official with knowledge of the matter.

That announcement comes hard on the heels of the SolarWinds hack, so called because suspected Russian hackers targeted popular software from Texas-based SolarWinds Corp. As many as 18,000 of its customers received infected updates, though far fewer were targeted with secondary attacks — about 100 private-sector companies and nine U.S. agencies, according to the White House.

Notification Headache

Amid all these attacks, notifying the public has itself become a major headache. That’s because, as data breaches have proliferated, so too has the patchwork of notification requirements.

On the federal level, there are special rules for personal health records and a Securities and Exchange Commission directive that public companies inform…
