Welcome to ISMG's Ransomware Resource Center!

Ransomware has rapidly become one of the world's most prevalent types of cybercrime. The lure for criminals is easy to see: Using highly automated and easily distributed crypto-locking malware to forcibly encrypt systems, attackers can demand bitcoin ransoms in exchange for decryption keys. Use this Ransomware Resource Center for the latest details on emerging ransomware variants, threat intelligence on attackers, plus best practices for detection, response and remediation.

Average and median ransom payments per quarter, based on thousands of cases investigated (Source: Coveware)

Ransomware: Average Ransom Payment Stays Steady at $140,000

Mathew J. Schwartz • October 21, 2021

When a business, government agency or other organization hit by ransomware opted to pay a ransom to its attacker in Q3, the average payment was $140,000, reports ransomware incident response firm Coveware. It says the attack landscape has seen some notable shifts since the Colonial Pipeline attack.

3rd Party Risk Management

Accenture: Ransomware Attack Breached Proprietary Data

Latest

3rd Party Risk Management

House Passes Bills on Both Supply Chain, Telecom Security

Dan Gunderman • October 21, 2021

In a busy congressional day for cybersecurity legislation, the U.S. House of Representatives passed several bills on Wednesday, targeting both software supply chain and telecommunication system security. One observer describes them as "a win-win for the government and U.S. citizens."

3rd Party Risk Management

CISA Leader Backs 24-Hour Timeline for Incident Reporting

Dan Gunderman • October 20, 2021

A top leader of the U.S. Cybersecurity and Infrastructure Security Agency has voiced support for a 24-hour timeline for cyber incident reporting involving critical infrastructure, signaling a push by the Biden administration to implement a rapid mechanism for federal response.

Endpoint Detection & Response (EDR)

More Attempted Cyberattacks on Israeli Healthcare Entities

Marianne Kolbasuk McGee • October 19, 2021

Israeli officials say they have fended off a wave of attempted cyberattacks on several hospitals and healthcare entities in recent days, as Hillel Yaffe Medical Center continues to recover from a ransomware attack last week that authorities reportedly suspect was carried out by Chinese hackers.

Blockchain & Cryptocurrency

Treasury Dept. to Crypto Companies: Comply with Sanctions

Dan Gunderman • October 16, 2021

The U.S. Department of the Treasury unveiled additional steps to curb the illicit use of cryptocurrencies on Friday, warning enterprises not to engage with sanctioned entities exploiting the financial system - particularly to launder ransomware proceeds.

3rd Party Risk Management

ISMG Editors' Panel: Are Our Systems Too Complex to Secure?

Anna Delaney • October 15, 2021

In this update, four editors discuss key cybersecurity issues, including addressing the complexity of security, the rising number of victims targeted by double extortion ransomware and the Information Commissioner's Office's recent consultation on creating an international data transfer agreement.

Cybercrime

BlackByte: Free Decryptor Released for Ransomware Strain

Mathew J. Schwartz • October 15, 2021

A free decryptor for BlackByte ransomware has been released by security researchers at Trustwave who cracked the crypto-locking malware's encryption. But they say that unfortunately, the underlying encryption problem is likely in the process of already being fixed by the malware's developer.

3rd Party Risk Management

To Repel Supply Chain Attacks, Better Incentives Needed

Mathew J. Schwartz • October 14, 2021

The breach of text message routing giant Syniverse revealed yet another supply chain attack involving a key supplier, exacerbated by outdated communications protocols desperately in need of a security revamp and better incentives for improvement, says mobile telephony security expert Karsten Nohl.

Fraud Management & Cybercrime

Fertility Testing Lab Says Ransomware Breach Affects 350,000

Marianne Kolbasuk McGee • October 13, 2021

A flurry of hacking incidents and other recent breach developments highlight the cyberthreats and risks facing fertility healthcare and other related specialty providers that handle sensitive patient information.

Application Security & Online Fraud

Fraud Transformation: Balancing Business and Customer Needs

Tom Field • October 11, 2021

More than two-thirds of survey respondents say they take a balanced approach - business, customers and compliance - investing in fraud prevention technology. So, why do they also report customer friction among their top challenges? BioCatch's Raj Dasgupta analyzes the results of the new Fraud Transformation Survey.

Profiles in Leadership: Dr. Frances Undelikwo, Fidelity Bank

Suparna Goswami • October 11, 2021

Dr. Frances Undelikwo, divisional head of IT and operational risk management at Fidelity Bank in Nigeria, says she found her passion by trying out different departments and fields under information security. She discusses her career path and current role.

Breach Notification

Ransomware Attack Hits Engineering Giant Weir Group

Prajeet Nair • October 9, 2021

A ransomware attack on Scottish multinational engineering firm Weir Group led to several ongoing but temporary disruptions, including engineering, manufacturing and shipment rephasing, hitting profits despite no ransom being paid.

3rd Party Risk Management

Nobelium Makes Russia Leader in Cyberattacks

Mihir Bagwe • October 8, 2021

Microsoft, in its annual threat review report, Digital Defense, says 58% of cyberattacks worldwide over the past year originated in Russia. And 92% of the Russia-based threat activity came from the nation-state threat group Nobelium.