Welcome to ISMG's Ransomware Resource Center!

Ransomware has rapidly become one of the world's most prevalent types of cybercrime. The lure for criminals is easy to see: Using highly automated and easily distributed crypto-locking malware to forcibly encrypt systems, attackers can demand bitcoin ransoms in exchange for decryption keys. Use this Ransomware Resource Center for the latest details on emerging ransomware variants, threat intelligence on attackers, plus best practices for detection, response and remediation.

Cybercriminals could rent GandCrab V5 ransomware.

Alleged GandCrab Distributor Arrested in Belarus

Chinmay Rautmare • August 4, 2020

A 31-year-old man who allegedly distributed versions of the GandCrab ransomware to target users has been arrested in Belarus for possession and distribution of malware, according to the country's Ministry of Internal Affairs.

►

Cybercrime

Ransomware + Exfiltration + Leaks = Data Breach

Latest

Breach Notification

SEI Investments: Vendor Hit by Ransomware, Data Leaked

Chinmay Rautmare • July 28, 2020

Fund administrator SEI Investments Co. acknowledged Monday that it suffered a data breach after one of its vendors was struck with a ransomware attack, resulting in some of its customers' data being made public by the malicious actors.

Application Security

Garmin Tight-Lipped About Cause of Outage

Doug Olenick • July 24, 2020

Garmin has not yet announced what caused an outage of its Garmin Connect fitness tracking service as well as its website. But some employees reportedly are attributing the outage to ransomware.

Fraud Management & Cybercrime

Breach Lawsuit Against Pediatric Dental Practice Dismissed

Marianne Kolbasuk McGee • July 20, 2020

A federal judge has dismissed a lawsuit filed against Sarrell Regional Dental Center for Public Health in the wake of a January 2019 ransomware attack that affected more than 391,000 individuals. The judge cited a lack of evidence that any data had been misused.

Cybercrime

Yet Again, Vulnerabilities Found in a Router

Jeremy Kirk • July 14, 2020

It's common for security researchers to be ignored when reporting a software vulnerability. The latest example - vulnerabilities found by Independent Security Evaluators in a router made by China-based Tenda.

Business Email Compromise (BEC)

US Secret Service Forms Cyber Fraud Task Force

Akshaya Asokan • July 11, 2020

The U.S. Secret Service is combining its electronic and financial crime units into a single task force that will focus on investigating cyber-related financial crimes, such as BEC schemes and ransomware attacks. The move comes as lawmakers push for the Secret Service to take a more active role in fighting cybercrime.

Fraud Management & Cybercrime

Lawsuits After Ransomware Incidents: The Trend Continues

Marianne Kolbasuk McGee • July 6, 2020

A lawsuit seeking damages as well as security mandates has been filed against a Florida-based orthopedic group in the wake of a ransomware incident. It's the latest in a series of such legal actions in healthcare, including one in which a preliminary settlement has been reached.

Fraud Management & Cybercrime

Ransomware Targets Mac Users

Doug Olenick • June 30, 2020

A ransomware strain targeting Mac users is spreading via a fake installer for Little Snitch - a host-based application firewall for macOS - according to the security firm Malwarebytes, which says the malware is poorly designed.

Breach Notification

Breach Aftermath: Authorities Order Lab to Improve Security

Marianne Kolbasuk McGee • June 26, 2020

Canadian information privacy regulators have ordered medical testing laboratory LifeLabs to improve its data security practices following their investigation of a 2019 breach that exposed the health data of 15 million individuals.

Business Continuity Management / Disaster Recovery

Analysis: Mitigating Risks in Multicloud Environments

Nick Holland • June 19, 2020

The latest edition of the ISMG Security Report discusses recent research on the cyberthreats in multicloud environments and how to mitigate them. Also featured: A ransomware risk management update; tips on disaster planning.

Business Continuity Management / Disaster Recovery

Maze Ransomware Gang Continues Data-Leaking Spree

Mathew J. Schwartz • June 18, 2020

The Maze ransomware gang is continuing to exfiltrate data from victims before crypto-locking their systems, then leaking the data to try to force non-payers to accede to its ransom demands. Don't want to play ransomware gangs' latest games? The only way to opt out is by planning ahead.

Breach Notification

A Tale of 2 Health Data Breaches: Persistent Challenges

Marianne Kolbasuk McGee • June 15, 2020

Two recently reported health data breaches illustrate persistent security challenges - defending against ransomware attacks as well as unauthorized access to email - that sometimes can expose years' worth of data.

Breach Notification

City Pays Ransom Despite Pre-Ransomware Outbreak Hack Alert

Mathew J. Schwartz • June 12, 2020

The attack sounds ripped from an episode of TV show "24": Hackers have infiltrated a government network, and they're days away from unleashing ransomware. Unfortunately for Florence, a city in Alabama, no one saved the day, and officials are sending $300,000 in bitcoins to attackers for a decryption key.