What's the price of a ransomware hit that disrupts a nation's critical infrastructure? Beyond months of patient disruption, Ireland's Health Service Executive says the May 2021 Conti ransomware attack against it could lead to $110 million in cleanup costs, plus more to revamp its IT infrastructure.
NBC News reports that President Joe Biden has been given a menu of options for conducting offensive cyber strikes again Russia. But the White House's press secretary says the report is "off base and does not reflect what is actually being discussed in any shape or form."
As Russia's military invasion and cyberattacks on Ukraine escalate, critical infrastructure entities, including those in the health sector of the U.S. and other countries condemning Russia's actions, must also be on high alert for potentially disruptive cyber assaults, some experts warn.
The ISMG Security Report analyzes the latest updates on the Ukraine-Russia crisis and offers cyber resiliency tips for organizations. It also describes how the Conti ransomware group has hired TrickBot malware developers and revisits one of the largest ransomware attacks ever in the U.S.
Security researchers have spotted a Mac coinminer using personalized open-source apps to augment its malicious routine. A departure from other malwares that use Tor, this effective malware leverages i2pd to hide its network traffic from the untrained eye.
On this week's "Sound Off," attorney Lisa Sotto demonstrates how Colonial Pipeline did "a lot right" in its response to the DarkSide ransomware attack that led the firm to shut down operations for nearly a week last May. She shares best practices for enterprises to improve incident response plans.
The Conti ransomware group has a new trick up its sleeve: hiring "multiple elite developers and managers" to essentially acquire the venerable TrickBot malware operation, which it has been using for the past year to better distribute its ransomware, says threat intelligence firm Advanced Intelligence.
In 2021, there was a spike in cybercrime, and the focus changed for threat actors from several countries, particularly Russia and China. Cybersecurity firm CrowdStrike provides an overview of the changes, analyzes the takedown of Russian threat actor REvil and adds to its list of adversaries.
Botnet attacks have affected multiple organizations recently, resulting in web scraping as well as theft of financial information. They include a massive bot attack to scrape data from a job listing site and a TrickBot malware attack targeting 60 high-profile companies.
Are data breaches getting worse? So far for 2021, the number of records that were reportedly exposed declined slightly, while the total number of reported data breaches increased both in the U.S. and globally.
In the latest weekly update, four ISMG editors discuss how ransomware attacks got worse in 2021, the backlash from privacy experts sparked by the IRS' decision - now changed - to use facial recognition technology on American taxpayers, and why cybersecurity fosters competitive advantage.
Things are not always what they seem, says incident response expert Joseph Carson, pointing to a case involving ransomware that infected a company in Ukraine, but for which there was no external attack path. Ultimately, his investigation found that ransomware had been used to hide internal fraud.
The January cyberattack on the International Committee of the Red Cross, which compromised the data of more than 515,000 highly vulnerable people, was specifically targeted at the organization, using code designed for execution on the ICRC servers, according to Director General Robert Mardini.
By almost every measure, ransomware continues to get worse, not least in the average amount criminals receive when a victim chooses to pay a ransom. So say new reports assessing the volume and severity of ransomware attacks, the flow of cryptocurrency, attackers' target selection and more.
"All too often we hear that our industrial control systems have no security. That's not true," says Kevin Jones, group CISO of Airbus. In fact, he states, "some of these systems have been designed with security encapsulating them and security around them." He discusses enhancing cyber resilience.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.