Welcome to ISMG's Ransomware Resource Center!

Ransomware has rapidly become one of the world's most prevalent types of cybercrime. The lure for criminals is easy to see: Using highly automated and easily distributed crypto-locking malware to forcibly encrypt systems, attackers can demand bitcoin ransoms in exchange for decryption keys. Use this Ransomware Resource Center for the latest details on emerging ransomware variants, threat intelligence on attackers, plus best practices for detection, response and remediation.

RSA CEO Rohit Ghai on the New RSA

Tom Field • May 17, 2021

The past year has been a milestone one for RSA and for RSA Conference alike. In this exclusive interview, RSA Group CEO Rohit Ghai discusses the changes, the state of secure identity and the role XDR will play in shaping cybersecurity's future.

Endpoint Security

Colonial Pipeline: 'A Global Day of Reckoning'

Latest

Fraud Management & Cybercrime

RSA's Zulfikar Ramzan: Beyond Digital Transformation

Tom Field • May 17, 2021

Nearly a year ago, RSA's Chief Digital Officer, Zulfikar Ramzan, sat with ISMG to discuss 2021: A Cybersecurity Odyssey. Which predictions came true, and how have the threat and technology landscapes exploded in unexpected new directions?

Critical Infrastructure Security

How Vulnerable Is Critical Infrastructure?

Steve King • May 17, 2021

The recent Colonial Pipeline ransomware attack illustrates the vulnerability of the nation's critical infrastructure, says Richard Stiennon, a research analyst and the author of "Security Yearbook 2021: A History and Directory of the IT Security Industry."

Business Continuity Management / Disaster Recovery

Paying a Ransom: Does It Really Encourage More Attacks?

Doug Olenick • May 14, 2021

Some cybersecurity experts question the contentions of Speaker of the House Nancy Pelosi and another member of Congress, who say a $5 million ransom reportedly paid by Colonial Pipeline Co. after being hit by DarkSide ransomware would serve as a catalyst for attacks on other critical infrastructure providers.

Cybercrime

ISMG Editors’ Panel: Analysis of Colonial Pipeline Attack

Anna Delaney • May 14, 2021

Four editors at Information Security Media Group discuss the Colonial Pipeline attack, providing insights on the DarkSide ransomware gang and securing critical infrastructure.

IT Risk Management

How to 'Demystify' Cybersecurity

Jeremy Kirk • May 14, 2021

To defend against cyberattacks, it's important to "demystify" cybersecurity and break it into risks that can be managed by any organization, says Ciaran Martin, the former director of the U.K. National Cyber Security Center.

Critical Infrastructure Security

Teardown: Inside the Colonial Pipeline Ransomware Attack

Anna Delaney • May 14, 2021

Diving into the Colonial Pipeline ransomware attack - culprits, impact, recovery, and the increasing political firestorm it’s triggered - is the focus of the latest edition of the ISMG Security Report. Security leaders weigh in on the attack's significance and potential long-term ramifications.

Fraud Management & Cybercrime

Biden's Cybersecurity Executive Order: 4 Key Takeaways

Scott Ferguson • May 13, 2021

By issuing a sweeping cybersecurity executive order on Wednesday, the Biden administration is attempting to take a critical step to address security issues that have come to light after recent cyberattacks. Here's an analysis of the order's key elements.

3rd Party Risk Management

Colonial Pipeline Attack: 'We're Simply Unprepared'

Tom Field • May 13, 2021

As former CISO of Pacific Gas & Electric, Bernie Cowens knows plenty about cyber securing the nation's critical infrastructure. He shares his informed opinion on the Colonial Pipeline ransomware attack and what public and private sector entities must do to shore up key defenses.

Fraud Management & Cybercrime

Did Data Leak Discovery Reveal a Ransomware Incident?

Marianne Kolbasuk McGee • May 12, 2021

An unsecured database of medical information on military veterans contained evidence of a potential incident, the security researcher who discovered the data leak says.

Critical Infrastructure Security

Colonial Pipeline Attack: 'All Monsters Are Human'

Tom Field • May 12, 2021

In April, Cybereason published a blog describing its research into the DarkSide ransomware strain that infected Colonial Pipeline this past week. Sam Curry, CSO of Cybereason, shares insights on DarkSide and the tactics behind the new breed of ransomware attacks.

Fraud Management & Cybercrime

Babuk Ransomware Gang Posts More DC Metro Police Data

Doug Olenick • May 12, 2021

The Babuk ransomware gang has reignited its feud with the Washington, D.C. Metropolitan Police Department by posting what it says is an additional 22GB of stolen data and what it claims is a transcript of the failed ransom negotiations.

Business Continuity Management / Disaster Recovery

Alerts: Avaddon Ransomware Attacks Increasing

Prajeet Nair • May 11, 2021

Attackers are using Avaddon ransomware to target diverse organizations in the U.S., Australia and elsewhere, according to the FBI and the Australian Cyber Security Center. Among the recent victims was a service provider to Australian telecommunications company Telstra.