Tag Archive for: grows

Ransomware payments hit $1bn in 2023 as cybercrime grows — Report


Ransomware actors got over $1billion in extorted cryptocurrency payments from victims in 2023.

These actors, who targeted high-profile institutions and critical infrastructure, including hospitals, schools, and government agencies, exploited file transfer software MOVEit for their operations, a report from Chainalysis revealed.

In a snippet of its anticipated, ‘2024 Crypto Crime Report,’ the blockchain firm disclosed that firms like BBC and British Airways were victims of attacks in the year.

Last year’s developments highlighted the evolving nature of cyber threats and their increasing impact on global institutions and security at large. The payments in 2023 have been the highest ever recorded, and according to the firm, it still does not capture the economic impact of productivity loss and repair costs associated with attacks.

The blockchain firm noted that the ransomware landscape is not only prolific but continually expanding, making it challenging to monitor every incident or trace all ransom payments made in cryptocurrencies. “It is important to recognise that our figures are conservative estimates, likely to increase as new ransomware addresses are discovered over time.

“For instance, our initial reporting for 2022 in last year’s crime report showed $457million in ransoms, but this figure has since been revised upward by 24.1 percent,” the firm said.

Ransomware is a type of malicious software that encrypts data, making it inaccessible to the owner. It is when someone else takes files hostage and demands a ransom payment in exchange for unlocking them.

Chainalysis explained that ransomware attacks are carried out by a variety of actors, from large syndicates to smaller groups and individuals, with the numbers on the rise. Allan Liska, Threat Intelligence Analyst at cybersecurity firm, Recorded Future, said. “A major thing we are seeing is the astronomical growth in the number of threat actors carrying out ransomware attacks.”

While threat actors might have had a field day in 2023, the fight against ransomware with collaboration between international law enforcement, affected organisations, cybersecurity firms, and blockchain intelligence also recorded…

Source…

Russian cyber-attacks ‘relentless’ as threat of WW3 grows, expert warns


Cyberattacks by the UK’s enemies are becoming “relentless” as we enter a “new era” of global conflict, an expert has warned.

It comes after Russian hackers allegedly acquired top secret security information on some of the country’s most sensitive military sites, including the HMNB Clyde nuclear submarine base on the west coast of Scotland and the Porton Down chemical weapon lab.

The “potentially very damaging” attack last month by hacking group LockBit, which has known links to Russian nationals, saw thousands of pages of data leaked onto the dark web after private security firm Zaun was targeted, the Sunday Mirror newspaper reported.

Modern warfare

The cyber-attack was ‘likely’ sponsored by the Russian state, an expert said (Nick Potts/PA)

The company, which provides security fencing for sites related to the Ministry of Defence, said it had been the victim of a “sophisticated cyber attack”.

Responding to the news, Kevin Curran, professor of cyber security at Ulster University, told the PA news agency that LockBit’s attack was “serious” as we approach a potential “World War Three” following Russia’s invasion of Ukraine.

He said the raid was “likely” sponsored by the Russian state given the nature of its target and that cyber attacks by Britain’s enemies had become “relentless”.

Professor Curran warned that we were unprepared for this new era as third party companies which hold data on our military infrastructure were not being properly regulated.

He said: “You can’t just expect third party suppliers to adhere to your rules.

“There is always a risk when you have third party suppliers and you do wonder if they adhere to industry best practice.

“It is a worry because everything is online now – cybercrime is the biggest crime in the world.

“Given the new era we are entering which is the brink of World War Three everything is serious.

“They are relentless with these attacks. Their best way into our country is through our cyber-security. This is the nation at risk.

“In this case, given the target, my money would be on this being state-sponsored.”

It comes after Labour MP Kevan Jones, who sits on the Commons Defence Select Committee,…

Source…

Ransomware threat against colleges grows, survey finds


This audio is auto-generated. Please let us know if you have feedback.

Dive Brief: 

  • Ransomware attacks targeted the education sector more than any other industry in the last year, with 79% of surveyed higher education institutions across the world reporting being hit, according to an annual report from Sophos, a U.K.-based cybersecurity firm. 
  • Of the higher ed institutions that reported ransomware attacks, 59% said it resulted in them losing “a lot of” business and revenue. Around one-fourth, 28%, reported smaller losses. 
  • Hackers exploited system vulnerabilities in 4 in 10 higher education ransomware attacks, making them the sector’s most common root issue. Compromised credentials caused another 37% of attacks, while malicious emails led to 12% of reported incidents. 

Dive Insight: 

Sophos’ latest survey suggests that ransomware is increasingly targeting colleges and universities. In 2022’s report, only 64% of higher education institutions said they had been hit by ransomware in the past year — 15 percentage points lower than the share who reported incidents in the latest survey.

In some cases, hackers are ramping up their efforts to get colleges to pay for the return of their data. 

Knox College, a private liberal arts institution in Illinois, made headlines late last year when a hacker group broke into its computer system and accessed student data. The group that took credit for the breach, known as Hive, emailed students saying they had retrieved “personal information, medical records, psychological assessments, and many other sensitive data,” and threatened to sell their social security numbers. 

The attack spurred multiple lawsuits from students, who allege that Knox failed to follow the latest security practices to shield sensitive data. 

“Sophos’ latest report is a clarion reminder that ransomware remains a major threat, both in scope and scale,” said Megan Stifel, chief strategy officer at the Institute for Security and…

Source…

Cyber security breaches are up multiple times as Internet penetration grows




With the rise in penetration and use of digital banking in the country, the number of or incidents in India have gone up multiple times over the last few years.


 


Data accessed by IANS said that incidents related to government institutions have increased significantly, particularly in 2022.


As many as 54,314, 48,285 and 1,92,439 incidents related to government agencies, institutions and undertakings were observed during the years 2020, 2021 and 2022, respectively.


According to official data, total number of cyber security incidents tracked by Indian Computer Emergency Response Team (CERT-In) during the year 2019 was 3,94,499, which spiked to 11,58,208 in 2020 and further increased to 14,02,809 in 2021. Similarly, 13,91,457 cyber security incidents were observed in 2022.


The cyber attack, which put the All India Institute of Medical Sciences (AIIMS) in Delhi out of order on November 23 was one such example. Multiple agencies were roped in to resolve the issues.


Similarly, cyber attackers on December 1 briefly hacked the Ministry of Jal Shakti’s Twitter handle. This was the second major cyber attack on a government site after AIIMS Delhi’s server was majorly hacked.


A Parliamentary standing committee in its report observed that with the advancement of technology, cyber crimes have emerged as a major issue across the globe. The cyber crimes transcend geographical boundaries, which make it tough to track the criminals.


The Committee expressed its deep concerns over the rising trend of cyber crimes in the country. It felt that on this issue, both the Central and state governments need to get together on the same boat to tackle the growing menace of cyber crime.


“The committee observed that traditional training of the police personnel is not sufficient to deal with cyber crimes as these criminals are tech-savvy and are following new modus-operandi on a regular basis,” said the report ‘Police -Training, Modernisation and Reforms’ tabled in the Parliament this month.


The committee in the…

Source…