Tag: Law” | Page 2

Prominent Sacramento law firm sues for $1 million after falling prey to ransomware attack

February 29, 2024/in Internet Security

A prominent Sacramento law firm that represents police officers and sheriff’s deputies in the capital region is suing a computer firm for more than $1 million alleging that, after hiring the company to provide cybersecurity, the law firm was hit with a ransomware attack.

The Mastagni Holstedt law firm filed the suit in Sacramento Superior Court this week against Lantech LLC, claiming that because of the cyberattack last year, Mastagni Holstedt was forced to pay a ransom to regain access to its data.

An office manager at Lantech who would not give her name Wednesday morning declined to comment when reached by phone, saying she knew nothing about the suit, which names Lantech, former Lantech owner Terry Berg and backup computer data storage company Acronis Inc.

Lantech did not respond to a subsequent email request for comment, and Acronis denied any responsibility for the cyberattack.

Law firm founder Davis Mastagni also did not respond to a request for comment.

The lawsuit alleges the attack came from a group known as “Black Basta,” a Russian-speaking group first detected in early 2022 that has been blamed for hundreds of ransomware attacks that have resulted in payments of more than $100 million by firms seeking to retrieve data.

“In its first two weeks alone, at least 20 victims were posted to its leak site, a Tor site known as Basta News,” according to a March 2023 “threat profile” by the U.S. Health and Human Services Department’s Office of Information Security. “It exclusively targets large organizations in the construction and manufacturing industries, but was also observed to target other critical infrastructure, including the health and public health sector.

“While primarily targeting organizations within the United States, its operators also expressed interest in attacking other English-speaking countries’ organizations in Australia, Canada, New Zealand, and the United Kingdom. Threat actors that used the ransomware have additionally impacted organizations based in the United States, Germany, Switzerland, Italy, France, and the Netherlands.”

The group has extorted at least $107 million in bitcoin from targets, according to a November report by Reuters news…

Source…

Authorities Claim LockBit Admin “LockBitSupp” Has Engaged with Law Enforcement

February 25, 2024/in Internet Security

LockBitSupp, the individual(s) behind the persona representing the LockBit ransomware service on cybercrime forums such as Exploit and XSS, “has engaged with law enforcement,” authorities said.

The development comes following the takedown of the prolific ransomware-as-a-service (RaaS) operation as part of a coordinated international operation codenamed Cronos. Over 14,000 rogue accounts on third-party services like Mega, Protonmail, and Tutanota used by the criminals have been shuttered.

“We know who he is. We know where he lives. We know how much he is worth. LockbitSupp has engaged with law enforcement,” according to a message posted on the now-seized (and offline) dark web data leak site.

The move has been interpreted by long-term watchers of LockBit as an attempt to create suspicion and sow the seeds of distrust among affiliates, ultimately undermining trust in the group within the cybercrime ecosystem.

According to research published by Analyst1 in August 2023, there is evidence to suggest that at least three different people have operated the “LockBit” and “LockBitSupp” accounts, one of them being the gang’s leader itself.

However, speaking to malware research group VX-Underground, LockBit stated “they did not believe law enforcement know his/her/their identities.” They also raised the bounty it offered to anyone who could message them their real names to $20 million. It’s worth noting that the reward was increased from $1 million USD to $10 million late last month.

LockBit – also called Gold Mystic and Water Selkie – has had several iterations since its inception in September 2019, namely LockBit Red, LockBit Black, and LockBit Green, with the cybercrime syndicate also secretly developing a new version called LockBit-NG-Dev prior to its infrastructure being dismantled.

“LockBit-NG-Dev is now written in .NET and compiled using CoreRT,” Trend Micro said. “When deployed alongside the .NET environment, this allows the code to be more platform-agnostic. It removed the self-propagating capabilities and the ability to print ransom notes via the user’s printers.”

One of the notable additions is the inclusion of a validity period, which continues its operation only if the…

Source…

Notorious ransomware provider LockBit taken over by law enforcement

February 20, 2024/in Internet Security

Washington — A ransomware service provider that has targeted over 2,000 systems across the globe, including hospitals in the U.S., with demands for hundreds of millions of dollars was taken down Monday, and Russian nationals were charged as part of an international plot to deploy the malicious software, the Justice Department announced Tuesday.

Known as LockBit, the network of cybercriminals targets critical components of manufacturing, healthcare and logistics across the globe, offering its services to hackers who deploy its malware into vulnerable systems and hold them hostage until a ransom is paid. The attackers have so far extorted more than $120 million from their victims, officials said, and their program has evolved into one of the most notorious and active.

As part of this week’s operation, the FBI and its law enforcement partners in the United Kingdom seized numerous public-facing platforms where cybercriminals could initiate contact with and join LockBit. Investigators also seized two servers in the U.S. that were used to transfer stolen victim data.

The front page of LockBit’s site has been replaced with the words “this site is now under control of law enforcement,” alongside the flags of the U.K., the U.S. and several other nations, the Associated Press noted.

A screenshot from Feb. 19, 2024 shows a take down notice that a group of global intelligence agencies issued to a dark web site called Lockbit.

Handout via Reuters

According to Attorney General Merrick Garland, the U.S. and its allies went “a step further” by obtaining the “keys” that can unlock attacked computer systems to help victims “regain access to…

Source…

Government agrees law to protect confidential journalistic material from state hacking

February 20, 2024/in Computer Security

The government has agreed to bring in legislation to require MI5 and GCHQ to seek independent authorisation before accessing confidential journalistic material obtained through the bulk hacking of phones or computer systems.

The Investigatory Powers (Amendment) Bill, which was debated in the House of Commons yesterday (Monday 19 February), will require the intelligence services to seek independent approval from the investigatory powers commissioner before accessing journalistic material or material that could identify a confidential journalistic source.

The concession follows a seven-year legal challenge brought by human rights organisation Liberty with the support of the National Union of Journalists (NJU).

It follows separate warnings from technology companies and rights organisations that proposed changes to the Investigatory Powers Act would disrupt the ability of technology companies to apply security updates and introduce end-to-end encryption.

The government has asked Liberty to drop legal proceedings against it in the light of a proposed amendment to the Investigatory Powers Bill 2016 that will require an independent body to review all requests to search and retain confidential journalistic information obtained through bulk hacking of computers, phones and tablets.

Tag Archive for: Law”

Journalists exposed to state surveillance and interference