Welcome to ISMG's Ransomware Resource Center!

Ransomware has rapidly become one of the world's most prevalent types of cybercrime. The lure for criminals is easy to see: Using highly automated and easily distributed crypto-locking malware to forcibly encrypt systems, attackers can demand bitcoin ransoms in exchange for decryption keys. Use this Ransomware Resource Center for the latest details on emerging ransomware variants, threat intelligence on attackers, plus best practices for detection, response and remediation.

Source: Shutterstock

13% Spike in Ransomware Is Biggest in 5 Years

Brian Pereira • May 25, 2022

Ransomware has grown 13% year on year in 2022, a jump greater than the past five years combined, a Verizon Business 2022 Data Breach Investigations Report published on Tuesday shows. It says financial gain continues to be the primary motive for attacks, followed by espionage.

Blockchain & Cryptocurrency

Feds Say 'Multi-Tasking Doctor' Built Thanos Ransomware

Latest

Blockchain & Cryptocurrency

Proof of Concept: How Can We Improve Industry Collaboration?

Anna Delaney • May 23, 2022

In this edition, Ari Redbord and Grant Schneider join ISMG editors to discuss the challenges ahead for the U.S. government as it plans to roll out EDR deployments at more than half of federal agencies this year, how stable the stablecoin economy really is and how to improve industry collaboration.

Business Continuity Management / Disaster Recovery

ISMG Editors: The Case of the 'Dr. Evil' of Ransomware

Anna Delaney • May 20, 2022

In the latest update, four ISMG editors discuss the alarming, bizarre case of a cardiologist in Venezuela charged with developing malware and recruiting affiliates, recent ransomware and data leak incidents in healthcare and how the economy is causing mature cybersecurity startups to slow hiring.

Critical Infrastructure Security

Feds Warn Health Sector of Top Russia-Backed APT Groups

Marianne Kolbasuk McGee • May 20, 2022

Federal authorities are alerting healthcare sector entities of threats posed by Russian state-sponsored cyber groups, including some linked to attacks on pharmaceutical and related firms. Meanwhile, other ransomware gangs continue their assaults on a variety of U.S. medical facilities.

Fraud Management & Cybercrime

2 Health Plans Report Major Breaches Following Attacks

Marianne Kolbasuk McGee • May 19, 2022

Two recent apparent ransomware attacks on health plans have potentially affected hundreds of thousands of individuals. One of the incidents allegedly involved the Conti ransomware group, and the other allegedly involved Hive. One of the health plans is already facing legal fallout.

Business Continuity Management / Disaster Recovery

Closing the Gaps in Ransomware Prevention Strategies

CyberEdBoard • May 18, 2022

Alberto Hasson, the CISO at ICL Group, discusses how to avoid becoming the next victim of a ransomware or other malware attack. He outlines what defenders can do to close gaps in their defense strategies and how they can mitigate attackers' ever-evolving tactics.

Access Management

Five Eyes Alliance Advises on Top 10 Initial Attack Vectors

Mihir Bagwe • May 18, 2022

Poor security configurations, weak controls and gaps in authentication protocols are among the common initial access vectors "routinely exploited" by threat actors, the Five Eyes cybersecurity alliance says. Firms offering cybersecurity services weigh in on the gaps and implementation challenges.

Access Management

Proof of Concept: Apple/Microsoft/Google Back Passwordless

Anna Delaney • May 16, 2022

In the latest "Proof of Concept," Lisa Sotto, Jeremy Grant and ISMG editors discuss the significance of Apple, Google and Microsoft supporting the FIDO protocol's passwordless sign-in standard, progress made on Biden's cybersecurity executive order and updates on U.S. cybersecurity and privacy laws.

Breach Notification

AvosLocker Claims Data Theft From Another Healthcare Entity

Marianne Kolbasuk McGee • May 16, 2022

In its most recent assault against a healthcare entity, ransomware-as-a-service operator AvosLocker claims to be behind an attack allegedly involving data theft from Texas-based CHRISTUS Health, which operates hundreds of healthcare facilities in the U.S., Mexico and South America.

Blockchain & Cryptocurrency

ISMG Editors: What Have We Learned From the Conti Leaks?

Anna Delaney • May 13, 2022

In the latest update, four editors at Information Security Media Group discuss the intriguing insights exposed by the leak of ransomware gang Conti's internal communications, the U.S. Treasury's first-ever sanctions on a cryptocurrency mixer and the latest cyber activity in Russia's hybrid war.

Business Continuity Management / Disaster Recovery

Russia-Ukraine War: Cyberattack Escalation Risk Continues

Mathew J. Schwartz • May 13, 2022

As the Russia-Ukraine war continues, cybersecurity officials say the risk of attack spillover - and perhaps the direct targeting of critical infrastructure sectors outside Ukraine - remains high. The memo for CISOs is clear: Remain prepared.

Cryptocurrency Fraud

Proof of Concept: Crypto - A New National Security Threat

Anna Delaney • May 12, 2022

In the latest "Proof of Concept," Ari Redbord, head of legal and government affairs at TRM Labs, and former CISO David Pollino of PNC Bank join editors at ISMG to discuss the U.S Treasury's decision to sanction cryptocurrency mixer Blender.io. They also assess software supply chain security.

Access Management

Lessons for Cybersecurity Leaders From Russia-Ukraine War

Anna Delaney • May 12, 2022

The latest edition of the ISMG Security Report analyzes what lessons cybersecurity leaders can learn from the Russia-Ukraine war. It also examines the Okta data breach and Lapsus$ attack and describes how tech companies are supporting new developments in the FIDO protocol.