Bitcoin (BTC) is forecast to become a less enticing payment choice for cybercriminals as regulations and tracking technologies improve, thwarting their ability to safely move funds. Cybersecurity firm Kaspersky noted in a Nov. 22 report that ransomware negotiations and payments would rely less on Bitcoin as a transfer of value, as an increase in digital asset regulations and tracking technologies will force cybercriminals to rotate away from Bitcoin and into other methods. As reported by Cointelegraph, ransomware payments using crypto topped $600 million in 2021, and some of the biggest heists, such as the Colonial Pipeline attack, demanded BTC as a ransom. Kaspersky also noted that crypto scams have increased along with the greater adoption of digital assets. However, it said that people have be...
Three federal agencies in the United States — the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency and the Multi-State Information Sharing and Analysis Center — jointly issued an advisory seeking information to curb ransomware attacks. As part of the #StopRansomware campaign, the joint cybersecurity advisory alerted citizens to Vice Society, a ransomware-type program that encrypts data and demands ransom for decryption. The trio anticipates a spike in ransomware attacks, primarily aimed at educational institutions, adding that “School districts with limited cybersecurity capabilities and constrained resources are often the most vulnerable.” While proactive measures remain vital to counter ransomware, the FBI asked US citizens to report infor...
The Lazarus Group, a well-known North Korean hacking syndicate, has been identified as the primary suspect in the recent attack that saw $100 million stolen from the Harmony protocol. According to a new report published Thursday by blockchain analysis firm Elliptic, the manner in which Harmony’s Horizon bridge was hacked and the way in which the stolen digital assets were consequently laundered bear a striking resemblance to other Lazarus Group attacks. “There are strong indications that North Korea’s Lazarus Group may be responsible for this theft, based on the nature of the hack and the subsequent laundering of the stolen funds.” Additionally, Elliptic outlined exactly how the heist was executed, noting that the Lazarus Group targeted the login credentials of Harmony employees in ...
The collection and processing of information was a major theme at the United States Senate Committee on Homeland Security and Governmental Affairs (HSGAC) hearing titled, “Rising Threats: Ransomware Attacks and Ransom Payments Enabled by Cryptocurrency” on Tuesday. The committee hosted a panel of private-sector experts who discussed the problem of ransomware attacks and the challenges of collecting and using the information necessary to fight them. Committee chair Gary Peters of Michigan, who introduced the Strengthening American Cybersecurity Act in February, said the government lacks sufficient data even to understand the scope of the threat posed by ransomware attacks. Attackers almost exclusively ask for payment in cryptocurrency, he added. Several figures were trotted out to qua...
Sophos, a global leader in next-generation cybersecurity, has published a new sectoral survey report, “The State of Ransomware in Healthcare 2022.” The findings reveal a 94% increase in ransomware attacks on the organizations surveyed in this sector. In 2021, 66% of healthcare organizations were hit; 34% were hit the previous year. The silver lining, however, is that healthcare organizations are getting better at dealing with the aftermath of ransomware attacks, according to the survey data. The report shows that 99% of those healthcare organizations hit by ransomware got at least some of their data back after cybercriminals encrypted it during the attacks. Additional ransomware findings for the healthcare sector include: Healthcare organizations had the se...
According to Steve Flynn, Sales and Marketing Director at ESET Southern Africa, it’s long past time organisations got a handle on business email compromise scams, which generated more losses for victims in 2021 than any other type of cybercrime. While ransomware, hacking, API hacks, and all the other cybersecurity threats make headlines, it’s worth remembering that the costliest internet scam is still business email compromise, according to the latest FBI Internet Crime Report. Among the complaints received by the FBI in 2021, ransomware, business e-mail compromise (BEC) schemes, and the criminal use of cryptocurrency are among the top incidents reported. Technology-based systems are under attack, and they cost organisations around the world billions in...
Australian financial compliance enforcement agency AUSTRAC has released two new guides to help entities to spot when customers are using crypto for illicit means, or when they are being forced to pay the creators of ransomware. But it warned that debanking customers merely on suspicion of such activity was a harmful practice with serious negative effects. In an announcement posted earlier today, AUSTRAC noted that the growing acceptance, value and adoption of crypto and blockchain tech has been accompanied by an increase in cybercrime. “Cyber-enabled crime is an increasing threat to Australians. According to the Australian Cyber Security Centre (ACSC), 500 ransomware attacks were reported in the 2020-21 financial year, an increase of nearly 15 percent from the previous year,” AUSTRAC state...
Alongside self-fertilizing crops and low-carbon shipping, cryptocurrencies have made the World Economic Forum (WEF) list of top tech trends in 2022, bolstered by research by the Thomson Reuters Foundation that describes them as moving from the ‘fringes of finance to the mainstream’. Perceptions around cryptocurrencies have shifted, with several countries adopting them as legal tender, banks looking to create their own forms of digital currency, and consumers putting their savings into crypto wallets instead of traditional financial institutions. Anna Collard, SVP Content Strategy & Evangelist at KnowBe4 Africa. Countries are either considering or are already partially using Central Bank Digital Currency (CBDC), which essentially allows for companies and individuals...
As we all start to get a better view of what the future might hold, organisations need to look again at their security strategy. But first, we need to take stock. After the initial shock of lockdowns and mass remote working, what have we learned from the past two years as we all attempted to adjust to the new reality?

You’re working in a landscape of increasing threats and vulnerabilities

The widespread shift to the cloud to support those working remotely has inadvertently created a much larger attack surface. The sheer number of new locations, devices, and networks organisations are managing today alone calls for a security rethink – a need that’s magnified by a year-on-year increase in threats. And the pandemic has magnified the problem, sending a huge wav...
Ransomware is getting nastier and more expensive all the time and it has affected almost every industry and geography. No one is immune from the threat. In a global ransomware survey conducted by Fortinet, 67% of organizations report suffering a ransomware attack. Even worse, almost half said they had been targeted more than once, and nearly one in six said they had been attacked three or more times. Renee Tarun, Deputy CISO/ Vice President Information Security, Fortinet Inc. The US Treasury’s Financial Crimes Enforcement Network (FinCEN) reported that organizations paid out almost $600 million in ransomware in the first half of 2021, which puts the US on track to surpass the combined payouts of the previous decade in a single year. Last year’s attacks on the suppl...