Q2 Ransom Payment Amounts Decline as Ransomware becomes a National Security Priority

If you had told us at the beginning of 2021 that then-President-elect Biden would be having a nose-to-nose face-off with Putin over ransomware, we would have speculated that some serious escalation must have occurred. In reality, the lackadaisical indifference of one threat actor (DarkSide) set off a compounding series of events that have led us to where we are today. Given the volume of attacks that ransomware-as-a-service (RaaS) groups conduct, and the de minimis diligence that these groups perform, we are quite certain that the DarkSide affiliate that attacked Colonial Pipeline had no idea a) that Colonial controlled 45% of the gasoline supply on the US East Coast, b) that shutting down that pipeline would cause a consumer run on gasoline, c) that NOTHING gets voters and their duly elected representatives out of their chairs like rising gasoline prices, and finally d) that if you mess with US gasoline prices, you are going to get the attention of the President. Other high-profile attacks that would have otherwise garnered 12 hours of media attention were (FINALLY) codified proof that the US indeed has a major problem with ransomware.

In reality, the volume and severity of ransomware attacks have been extreme but relatively stable for at least 18 months. The focus and attention could not come at a better time, and the true scope of what US organizations and enterprises are up against may still not be fully appreciated. Ransomware groups now have operating budgets that may rival those of small nations. For context, in late June, FBI Director Christopher Wray requested an additional $40 million for the FBI’s cybersecurity budget. Coveware estimates that REvil alone may have collected close to $100 million in ransom payments in just the first 6 months of 2021. And that is one group. A note to anyone in Congress reading this: please add at least one zero to Director Wray’s requested cyber budget. What will these groups do with these war chests? So far, we are seeing signs that some groups are moving upmarket and purchasing more expensive…


AP News in Brief at 6:03 a.m. EDT | National

Vaccine inequity: Inside the cutthroat race to secure doses

PARIS (AP) — No one disputes that the world is unfair. But no one expected a vaccine gap between the global rich and poor that was this bad, this far into the pandemic.

Inequity is everywhere: Inoculations go begging in the United States while Haiti, a short plane ride away, received its first delivery July 15 after months of promises — 500,000 doses for a population over 11 million. Canada has procured more than 10 doses for every resident; Sierra Leone’s vaccination rate just cracked 1% on June 20.

It’s like a famine in which “the richest guys grab the baker,” said Strive Masiyiwa, the African Union’s envoy for vaccine acquisition.

In fact, European and American officials deeply involved in bankrolling and distributing the vaccines against coronavirus have told The Associated Press there was no thought of how to handle the situation globally. Instead, they jostled for their own domestic use.

But there are more specific reasons why vaccines have and have not reached the haves and have-nots.

GOP governor’s vaccination tour reveals depths of distrust

TEXARKANA, Ark. (AP) — Free lottery tickets for those who get vaccinated had few takers. Free hunting and fishing licenses didn’t change many minds either. And this being red-state Arkansas, mandatory vaccinations are off the table.

So Republican Gov. Asa Hutchinson has hit the road, meeting face-to-face with residents to try to overcome vaccine hesitancy — in many cases, hostility — in Arkansas, which has the highest rate of new COVID-19 cases in the U.S. but is near the very bottom in dispensing shots.

He is meeting with residents like Harvey Woods, who was among five dozen people who gathered at a convention center ballroom in Texarkana on Thursday night. Most of the audience wasn’t masked, and neither was Hutchinson, who has been vaccinated.

Woods, 67, introduced himself to Hutchinson as “anti-vax” and said that he thinks there are too many questions about the effects of the vaccine and that he doesn’t believe the information from the federal government about them is reliable.

Hutchinson and his top health official…


DVIDS – News – Cyberspace Developer’s Course Critical to Retention and National Security

FORT GEORGE G. MEADE, Md. – Cyber Soldiers and a Marine graduated from the 11-month Tool Developer Qualification Course (TDQC) in a ceremony hosted by the 780th Military Intelligence Brigade (Cyber) at the Post Theater, July 13.

The United States Army has partnered with the University of Maryland Baltimore County (UMBC) to train Soldiers and Marines to become Cyberspace Capability Developers.

The nation’s demand makes the retention of cyberspace Soldiers more challenging; however, in addition to a unique mission set, programs like 170D, Cyber Capabilities Developer Technician warrant officer recruitment; the 780th MI Brigade’s in-house certification of Network+, Security+, Certified Ethical Hacker and CISSP; and education partnership programs like TDQC are essential if the U.S. Army and Marine Corps want to retain the “best and the brightest.”

Army Gen. Paul M. Nakasone, commander, U.S. Cyber Command and director, National Security Agency/chief, Central Security Service, told the House Armed Forces Committee in March 2020, “I continue to pursue creative ways to leverage our nation’s best and brightest to want to contribute to our missions.”

According to the 780th MI Brigade S3 (operations) program managers, graduates of the TDQC course are proficient to an intermediate level in creating programs using the C and Python computer programming languages, and the course provides an education path for individuals to become experienced at 90 percent of the identified critical developer requirements that an individual must be able to articulate and demonstrate through practical application in order to be certified as a Cyberspace Capability Developer.

“Its purpose is to educate individuals who have little to no computer programming experience that have been identified through an assessment as having an aptitude and desire to become a computer programmer,” said Sgt. 1st Class Corbin Greeff, a brigade senior Non-Commissioned Officer.

The 2021 TDQC graduating class includes: Spc. William Colley; Spc. Arthur Gould; Staff Sgt….


Internet companies should have more awareness of national security: Global Times editorial

The headquarters of DiDi in Beijing. Photo: VCG

China has recently and noticeably stepped up supervision of its internet companies. Some leading internet firms are being scrutinized for different reasons. It is believed the series of governance actions is of great significance to the regulation of the market, and should not be misunderstood as a signal that the country wants to punish those companies as a warning.

Relevant enterprises should see China’s determination to strengthen market supervision, and bid goodbye to the previous mind-set that internet companies could develop at their own will. It’s time to jointly prepare to usher in an era of orderly and sustainable development of internet firms. 

Previously, China’s state-owned enterprises went through a series of governance steps, including an anti-corruption campaign and compliance with laws and regulations. Private enterprises have played an increasingly important role in the country’s development. Regulations on them should also be strengthened to further coordinate with China’s major policies to create solid conditions for better serving the country and the people. For some time, there have been many controversies over Chinese private enterprises, especially internet companies. These range from the so-called 996 work culture – working from 9 am to 9 pm six days a week – to executive scandals, customer murders, suspected monopoly disputes, and so on. Information security has caused particular public concern.

Each company has its own different situation. But it is believed that the society has some basic expectations for private internet enterprises.

First, private internet companies should, like all business entities, follow the trend within the moral and legal framework of our society, especially some enterprises that have become a foundational platform for our digital society. The bigger they grow, the more they should realize that they have to shoulder more responsibilities. It is important for them to remember that they are private enterprises under socialism, so they need to keep promoting social justice and core social values always. These companies have to not only protect our governance system, which is…