Tag Archive for: strategy

BlackByte ransomware gang returns with new multitier ransom strategy

/in


A ransomware gang with links to the Conti group has returned with a new campaign similar to the better-known LockBit gang.

BlackByte version 2.0 ransomware gang, as the group calls itself, is promoting a new leaks site and claims to have successfully targeted new victims. Bleeping Computer reported Wednesday that those behind the ransomware are also promoting their activities on Twitter Inc., including auctions for stolen data.

BlackByte’s leak site currently had only one victim listed, however. In a twist on traditional ransomware groups, BlackByte is using a multitier ransom and publication strategy. Victims are being given the opportunity to pay to delay the publishing of their data by 24 hours for $5,000, can download the data for $200,000, or destroy all the data for $300,000. As with any ransomware gang, paying any sum demanded comes with zero guarantees that those behind the attack will deliver on their promises.

A form of ransomware used by BlackByte previously was found to have a worm capability similar to the Conti ransomware group’s predecessor Ryuk ransomware and also undertakes similar techniques. Previous BlackByte victims include the San Francisco 49ers American football team in February.

“We should view BlackByte less as an individual static actor and more as a brand which can have a new marketing campaign tied to it at any time,” Oliver Tavakoli, chief technology officer at artificial intelligence cybersecurity company Vectra AI Inc., told SiliconANGLE. “The payment to delay the publishing of data is an interesting business innovation. It allows smaller payment to be collected from victims who are almost certain they won’t pay the ransom, but want to hedge for a day or two as they investigate the extent of the breach.”

Nicole Hoffman, senior cyber threat intelligence analyst at digital risk solutions provider Digital Shadows Ltd., said it’s not surprising that BlackByte has similarities to LockBit, such as pay-to-delay, download or destroy extortion models. LockBit 2.0 emerged with an attack on Accenture PLC in August 2021.

“It is realistically possible that BlackByte is trying to gain a competitive advantage or even trying to gain…

Source…

UK issues a new maritime security strategy with a focus on illegal fishing, seabed mapping and cybersecurity

/in


A newly released strategy document from the UK government, published on 15 August, redefines maritime security as upholding laws, regulations and norms to deliver a free, fair, and open maritime domain.

The  ‘National Strategy for Maritime Security’ recognises illegal, unreported and unregulated fishing and environmental damage to the seas as topics of maritime security concern.

Also on 15 August, the government announced it is establishing a UK Centre for Seabed Mapping to enable collaboration and collect more and better data.

UK Transport Secretary Grant Shapps said: ‘Our new maritime security strategy paves the way for both government and industry to provide the support needed to tackle new and

Source…

OIG: DHS Needs a Unified Strategy to Counter Disinformation

/in


The Office of Inspector General (OIG) says the Department of Homeland Security (DHS) needs a unified strategy to counter disinformation campaigns.

Cyber attacks, intellectual property theft, and state-sponsored disinformation campaigns against the United States have increased significantly in recent years. DHS began internal and external coordination efforts in 2018 when former DHS Secretary Kirstjen Nielsen established the Countering Foreign Influence Task Force to focus on election infrastructure disinformation appearing in social media. Also in 2018, the Cybersecurity and Infrastructure Security Agency (CISA) started notifying social media platforms or appropriate law enforcement officials when voting-related disinformation appeared in social media. These early efforts were predominantly focused on disinformation campaigns that pertained to election infrastructure before also including COVID-19 bogus claims and other mis-, dis- and malinformation (MDM). 

Today, internet users can be vulnerable to a wide variety of MDM and propaganda campaigns that appear in social media. False news, such as misinformation, disinformation, and malinformation are used to shape public opinion, undermine trust, amplify division, and sow discord. Mobile devices and smartphones further enable individuals and groups to rapidly share content, including disinformation and misinformation. This content may include hyperlinks to media articles and other web-based content, such as images and videos, that may have been manipulated to spread disinformation and misinformation, referred to as “deepfake” information. Deepfakes could be used to generate inflammatory content such as convincing video of U.S. military personnel engaged in war crimes intended to radicalize populations, recruit terrorists, or incite violence.

Certain countries were far more likely than others to be targeted by foreign disinformation operations. Based on publicly available information from Facebook and Twitter, the three countries most targeted by foreign actors were the United States, the United Kingdom, and Egypt. Disinformation campaigns that targeted the United States include a foreign entity offering to pay social media…

Source…

Africa Security Brief No. 41: Strengthening Sahelian Counterinsurgency Strategy – Mali

/in


By Michael Shurkin
July 25, 2022

Adapting Sahelian force structures to lighter, more mobile, and integrated units will better support the population-centric COIN practices needed to reverse the escalating trajectory of violent extremist attacks.

HIGHLIGHTS

  • Mali, Burkina Faso, and Niger have experienced a near uninterrupted expansion in militant Islamist violence over the past decade, underscoring the need for an alternative security strategy. Central to this is the recognition that these violent extremist groups employ irregular tactics and operate as local insurgencies, requiring a sustained counterinsurgency campaign.

  • Elevating the effectiveness of Sahelian forces will require a more integrated, mobile, and population-centric force structure bolstered by enhanced logistical and air support capabilities.

  • Building positive relations with local populations is not just a question of morality or legitimacy but also an essential means of weakening support to insurgents.

Militant Islamist violence in the Sahel is accelerating faster than in any other region in Africa. After nearly a decade of conflict, violent events in the Sahel (specifically Burkina Faso, Mali, and western Niger) are surging—with a 140-percent increase since 2020 and no signs of abatement. Militant Islamist group violence against civilians in the Sahel represents 60 percent of all such violence in Africa and is projected to increase by more than 40 percent in 2022.1 This uninterrupted escalation of violence has displaced more than 2.5 million people and is on pace to kill more than 8,000 individuals in 2022 (see Figure 1 in the PDF).

Government control over the vast rugged territory has diminished over the years, revealing an inability to sustain pressure on militant Islamist groups and to provide security for communities. Sahelian security forces have suffered heavy losses in the conflict. Militants have successfully targeted security and defense forces in their attacks throughout Mali, Burkina Faso, and Niger. Superior mobility and intelligence capabilities have allowed the militant groups to overrun static military bases, resulting in hundreds of casualties among armed forces….

Source…