Group items tagged

"Ransomware hunters: the self-taught tech geniuses fighting cybercrime"

"Researchers find 8% of cybercrime victims suffered financial losses while those aged over 55 were least likely targets"

"JBS, the world's biggest meat processor, has paid an $11m (£7.8m) ransom after a cyber-attack shut down operations, including abattoirs in the US, Australia and Canada. While most of its operations have been restored, the Brazilian-headquartered company said it hoped the payment would head off any further complications including data theft."

"The organisation is a pioneer of the "ransomware as a service" model, whereby it outsources the target selection and attacks to a network of semi-independent "affiliates", providing them with the tools and infrastructure and taking a commission on the ransoms in return. As well as ransomware, which typically works by encrypting data on infected machines and demanding a payment for providing the decryption key, LockBit copied stolen data and threatened to publish it if the fee was not paid, promising to delete the copies on receipt of a ransom."

"A major data breach at Phetchabun Hospital last week served as a loud wake-up call to state and private organisations to pay attention to their cybersecurity measures, as experts warned cybercrimes could become more commonplace in the years to come. The breach involved the data of 10,095 patients, including their names and dates of admission and discharge."

"While the name behind the attack might be relatively new, the criminal technique is not. Ransomware gangs render an organisation's computers inaccessible by infecting them with malicious software - malware - and then demanding a payment, typically in cryptocurrency, to unlock the files. In recent years, however, in a process dubbed "double extortion", the majority of gangs steal data at the same time and threaten to release it online, which they hope will strengthen their negotiating hand."

"A big leak of data from a Chinese cybersecurity firm has revealed state security agents paying tens of thousands of pounds to harvest data on targets, including foreign governments, while hackers hoover up huge amounts of information on any person or institution who might be of interest to their prospective clients. The cache of more than 500 leaked files from the Chinese firm I-Soon was posted on the developer website Github and is thought by cybersecurity experts to be genuine. Some of the targets discussed include Nato and the UK Foreign Office."

"The significance of the attack on Krebs is that it looks as though many of the attacks on him came from large numbers of enslaved devices - routers, cameras, networked TVs and the like. "Someone has a botnet with capabilities we haven't seen before," says Martin McKeay, Akamai's senior security expert. The DDoS arms race has just moved up a gear."

"In a statement, the company said: "Colonial Pipeline is taking steps to understand and resolve this issue. At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation. This process is already under way, and we are working diligently to address this matter and to minimize disruption to our customers and those who rely on Colonial Pipeline."

"Ransomware analysts offered several possible explanations for why the master key has now appeared. It is possible Kaseya, a government entity, or a collective of victims paid the ransom. The Kremlin in Russia also might have seized the key from the criminals and handed it over through intermediaries, experts said."

"They said that a number of schools were reporting for the first time that pupils were using AI-generating technology to create images of children that legally constituted child sexual abuse material. Emma Hardy, UK Safer Internet Centre (UKSIC) director, said the pictures were "terrifyingly" realistic. "The quality of the images that we're seeing is comparable to professional photos taken annually of children in schools up and down the country," said Hardy, who is also the Internet Watch Foundation communications director."

"The January snow lay thick on the Moscow ground, as masked officers of the FSB - Russia's fearsome security agency - prepared to smash down the doors at one of 25 addresses they would raid that day. Their target was REvil, a shadowy conclave of hackers that claimed to have stolen more than $100m (£74m) a year through "ransomware" attacks, before suddenly disappearing. As group members were led away in cuffs, FSB officers gathered crypto-wallets containing untold volumes of digital currency such as bitcoin. Others used money-counting machines to tot up dozens of stacks of hundred dollar bills."

"The personal details of millions of voters are believed to have been accessed in an attack by China on Britain's democratic process, ministers will say. MPs and peers are thought to be among 43 people who the government looks set to confirm have been targeted by cyber-attacks backed by the Chinese state. The UK could impose sanctions on individuals believed to be involved in these acts of state-backed interference, one of which was a separate attack on the Electoral Commission in which Beijing accessed the personal details of about 40 million voters."