Welcome to ISMG's Ransomware Resource Center!

Ransomware has rapidly become one of the world's most prevalent types of cybercrime. The lure for criminals is easy to see: Using highly automated and easily distributed crypto-locking malware to forcibly encrypt systems, attackers can demand bitcoin ransoms in exchange for decryption keys. Use this Ransomware Resource Center for the latest details on emerging ransomware variants, threat intelligence on attackers, plus best practices for detection, response and remediation.

The average daily ransom amounts paid from April to June (red line is a trailing 10-day moving average), of which 99 percent were paid in bitcoin. (Source: Coveware)

Ransomware: As GandCrab Retires, Sodinokibi Rises

Mathew J. Schwartz • July 17, 2019

With the GandCrab ransomware-as-service gang promising to retire - and free decryptors now aiding victims - rival Sodinokibi has already stepped into the void, security experts warn. Driven also by attackers wielding Ryuk, Dharma and Phobos, ransom payments by victims have been surging.

Fraud Management & Cybercrime

Baltimore Ransomware Attack Costing City $18 Million

Latest

Application Security

Tesla Vulnerability: A Bounty Hunter's Tale

Nick Holland • July 19, 2019

The latest edition of the ISMG Security Report describes the accidental discovery of a Tesla software vulnerability. Also featured: an analysis of the latest ransomware trends and insights from former federal advisers Richard Clarke and Robert Knake on cyber resilience.

Endpoint Security

D-Link Settles With FTC Over Alleged IoT Security Failures

Jeremy Kirk • July 3, 2019

D-Link has reached a proposed settlement with the U.S. Federal Trade Commission, which alleged the IoT device developer left consumers vulnerable to hackers through inadequate security practices. The terms of the settlement may serve as a warning to IoT makers to get their security checks in order.

Breach Notification

Identity as a Game-Changing Breach Defense

Information Security Media Group • June 25, 2019

Often in breach response, security professionals focus on the technical aspects of the attack. Yet, the non-technical aspects are often more insidious, says Teju Shyamsundar of Okta. And Identity can be a powerful tool to bolster defenses.

Cybercrime

Analysis: The Cybersecurity Risks Major Corporations Face

Nick Holland • June 14, 2019

The latest edition of the ISMG Security Report features a deep dive into an analysis of the cybersecurity risks that publicly traded companies face. Plus: Was the band Radiohead hacked? And what's unusual about the proposed Premera Blue Cross breach lawsuit settlement?

Application Security

Fingerpointing Over Baltimore's Ransomware Attack

Nick Holland • May 31, 2019

The latest edition of the ISMG Security Report analyzes the "blame game" in the wake of a ransomware attack against the city of Baltimore. Also featured: Discussions of cyberthreats in the financial services sector and open source security concerns.

Business Continuity Management / Disaster Recovery

Case Study: The Devastating Impact of a Ransomware Attack

Marianne Kolbasuk McGee • May 30, 2019

One of the earliest ransomware victims in the healthcare sector has a strong message for organizations that believe they won't be targeted: Get prepared for an attack - otherwise you risk a devastating impact.

Anti-Phishing, DMARC

WannaCry Still Causing Tears 2 Years On

Nick Holland • May 24, 2019

The latest edition of the ISMG Security Report assesses the legacy of WannaCry ransomware two years on. Also featured: the evolving role of healthcare CISOs; threat mitigation recommendations based on the 2019 Verizon Data Breach Investigations Report.

Anti-Phishing, DMARC

Verizon DBIR: C-Level Executives in the Crosshairs

Nick Holland • May 22, 2019

C-level executives are 12 times more likely to be the target of social incidents and nine times more likely to be the target of social breaches. This is among the key findings of the latest Verizon's Data Breach Investigations Report. Author John Grim shares insight.

Fraud Management & Cybercrime

Ransomware Increasingly Hits State and Local Governments

Scott Ferguson • May 14, 2019

Over the past two years, the number of ransomware attacks against state and local government agencies has increased. But at the same time, these victims are paying less to attackers. A new analysis by threat intelligence firm Recorded Future asks: Why the discrepancy?

Cybercrime

IRS Gives Hacked Accounting Software Customers a Reprieve

Mathew J. Schwartz • May 13, 2019

Good news for customers of accounting software vendor Wolters Kluwer: The IRS has given you a 7-day extension to submit several different types of filings. Bad news: It's because the accounting software giant was hacked, knocking its cloud-based CCH software suite offline.

Healthcare

Health Data Breach Tally Update: What's Been Added?

Marianne Kolbasuk McGee • May 9, 2019

A ransomware attack reported by a business associate that impacted more than three dozen clients and nearly 207,000 individuals is among the latest incidents added to the Department of Health and Human Services' data breach tally. Here's the latest health data breach tracking update.

Cybercrime

Hackers Steal, Post Financial Data From Major Corporations

Scott Ferguson • April 30, 2019

Cybercriminals have stolen customer data from Citycomp, a German IT company whose clients include Oracle, Volkswagen, Airbus, Ericsson, Toshiba British Telecom and many others. After Citycomp didn't pay a ransom, the hackers posted the data online.