10 Lessons from the British Library Ransomware Attack
Ransomware.org Blog
by John E. Dunn
3M ago
When ransomware visits your network, resolve to build it back better. And if you’re tempted to pay the ransom, don’t. That money is better spent on new defenses to prevent a repeat incident. These are some of the takeaways from a remarkable British Library report, Learning Lessons From The Cyberattack, that analyzes the paralyzing ransomware […] The post 10 Lessons from the British Library Ransomware Attack appeared first on Ransomware.org ..read more
Visit website
Romanian Healthcare System Laid Low by Attack on Shared Software Platform
Ransomware.org Blog
by John E. Dunn
8M ago
Cybercriminals, it is widely observed, have a fondness for weekends. This is not by chance—at weekends organizations are short-staffed, making this the best time to launch a cyberattack. It’s a pattern that played out in a ransomware attack on the Romanian health system on Sunday, Feb. 11, that sent some of the country’s most important hospitals back to the world of pen and paper. First reports put the number of hospitals affected at 18, which soon climbed to 21, then 25, and then 30. It quickly became apparent that this was only for starters. The attack targeted the Hipocrate Information Syst ..read more
Visit website
As Ransomware Attacks Surge Again, What’s Ahead for 2024?
Ransomware.org Blog
by John E. Dunn
8M ago
Stop us if you’ve heard this one before but ransomware is undergoing another one of its periodic surges. Granted, cybercrime always seems to be on the up—does the media ever report drops in cybercrime?—but this time there’s some hard evidence to back it up. That ransomware activity for 2023 rose was no surprise with the war in Ukraine causing a temporary drop in activity during 2022. Even so, when assessing activity on leak sites, Palo Alto’s Unit 42 researchers found significant rises in activity across the year. Another source is Chainalysis, which rates 2023 as ransomware’s “comeback” year ..read more
Visit website
AI Will Power a New Generation of Ransomware, Predicts Britain’s NCSC
Ransomware.org Blog
by John E. Dunn
8M ago
How will the sudden emergence of artificial intelligence (AI) platforms such as ChatGPT influence future ransomware attacks? Right now, there are so many pessimistic answers to this question it can be hard to judge the real-world risk they pose. On the one hand, there’s no doubt that AI can easily be used to improve individual components of today’s attack, for example improving the language and design of phishing emails to make them read more convincingly (as anyone who’s experimentally coaxed ChatGPT to rewrite an awkwardly phrased phishing email will attest). At the same time, it’s also like ..read more
Visit website
Police Dismember LockBit in Historic Ransomware Takedown
Ransomware.org Blog
by John E. Dunn
10M ago
The most extraordinary week in ransomware history anyone can remember began on Feb. 19 with an historic takedown of the infrastructure used by notorious ransomware group, LockBit. Industry watchers were euphoric, almost giddily so. If anything, that might be understating it. Twitter-X was ablaze with congratulations, most of them aimed at Britain’s National Crime Agency (NCA), which spearheaded the operation. Allan Liska of Recorded Future (a former contributor to this site) even posted a picture of cupcakes his colleagues had delivered to their Boston office to celebrate the occasion. But the ..read more
Visit website
Why are Ransomware Attacks Becoming More Dangerous? The British Library Attack Gives Us Some Clues
Ransomware.org Blog
by John E. Dunn
10M ago
The 1980s brutalism of the British Library in London has been likened to an unwelcoming fortress, and yet the intimidating appearance was no help when ransomware attackers decided to pay it a visit last October. In what is turning out to be one of the worst incidents ever to hit a public U.K. organization, over several days the famous institution’s website went down, its Wi-Fi stopped working, its email went offline, and the online catalog used by visitors became inaccessible. Days of disruption turned into weeks, weeks turned into months, with the only glimmer of progress being the online cat ..read more
Visit website
After DOJ Takedown, the Notorious ALPHV Ransomware Group Fights Back
Ransomware.org Blog
by John E. Dunn
11M ago
Has the digital reign of terror from the world’s second most active ransomware group, ALPHV (BlackCat), come to an end, or hasn’t it? If you ask the coalition of global police forces that recently seized its infrastructure, you’ll get a clear yes in answer to that question. The first sign that ALPHV was in trouble came on Dec. 7 when the dark websites used by the group to publish data leaks and conduct ransomware negotiations suddenly disappeared. This is highly unusual—dark websites used by ransomware groups are a vital piece of infrastructure necessary for their business model. Without it, t ..read more
Visit website
Is the Relationship between Journalists and Ransomware Gangs Healthy?
Ransomware.org Blog
by John E. Dunn
11M ago
One of the most unexpected trends of recent years is the way ransomware has turned high-impact cybercrime incidents into a public spectacle. For ransomware criminals, the more public the better. Extra publicity equals more embarrassment for the victim, which even if it doesn’t result in a ransom being paid serves as a warning to future victims. Public Exposure For organizations being ransomed, there are really only three ways to approach public exposure. The first—and until recently the default option—is to pay the ransom and hope (probably in vain) that this keeps the attack private. The seco ..read more
Visit website
Europol Makes New Ransomware Arrests. But Will It Make Any Difference?
Ransomware.org Blog
by John E. Dunn
1y ago
In the relatively short history of ransomware crime, very few of the professional criminals behind these attacks have ever been brought to justice. So many crimes, so few arrests, and there’s no mystery as to why: Ransomware criminals typically operate from countries with weak or no laws against what they do, and sometimes (stand up, Russia) with what can only reasonably be interpreted as the tacit approval of the government itself. Ringleader Arrest This should make Europol’s announcement on Nov. 21 that it arrested the 32-year old alleged “ringleader” of a major ransomware operation a notabl ..read more
Visit website
Unsecure Log Files Are the Most Ignored Weakness That Helps Ransomware
Ransomware.org Blog
by John E. Dunn
1y ago
“Those who cannot remember the past are condemned to repeat it,” said philosopher George Santayana in one of the most widely quoted aphorisms of the 20th century. According to a report from security company Sophos covering global customer data from the first half of 2023, a similar principle is applicable in many cyberattacks, especially those by ransomware. The computing equivalent of remembering events is logging, through which events are recorded as data in simple text files that list system messages, application errors, and account logins. Targeting Log Files Log files have been a feature ..read more
Visit website

Follow Ransomware.org Blog on FeedSpot

Continue with Google
Continue with Apple
OR