Welcome to ISMG's Ransomware Resource Center!

Ransomware has rapidly become one of the world's most prevalent types of cybercrime. The lure for criminals is easy to see: Using highly automated and easily distributed crypto-locking malware to forcibly encrypt systems, attackers can demand bitcoin ransoms in exchange for decryption keys. Use this Ransomware Resource Center for the latest details on emerging ransomware variants, threat intelligence on attackers, plus best practices for detection, response and remediation.

GandCrab Ransomware: Cat-and-Mouse Game Continues

Mathew J. Schwartz • November 16, 2018

A new, free decryptor has been released for "aggressive" crypto-locking ransomware called GandCrab. Researchers say GandCrab has come to dominate the ransomware-as-a-service market, earning its development team an estimated $120,000 per month.

Endpoint Security

Ransomware Crypto-Locks Port of San Diego IT Systems

Latest

Fraud Management & Cybercrime

Texas Hospital Hit With Dharma Ransomware Attack

Marianne Kolbasuk McGee • November 16, 2018

An attack on Altus Baytown Hospital in Texas is the latest ransomware incident reported to federal regulators as a health data breach. What other major ransomware incidents are impacting the healthcare sector?

Business Email Compromise (BEC)

Health Data Breach Tally: Analyzing the Latest Trends

Marianne Kolbasuk McGee • October 30, 2018

What kinds of health data breaches have been most common so far in 2018? An analysis of the official HHS breach tally reveals the latest trends, and security experts offer an analysis.

Next-Generation Technologies & Secure Development

Mobile Threats: Myths and Realities

Information Security Media Group • October 1, 2018

There is greater awareness to the proliferation of mobile threats, and yet many organizations still underestimate their own vulnerabilities. Brian Duckering of Symantec discusses the rise and maturity of mobile threat defense.

Cybercrime

Cybercrime Markets Sell Access to Hacked Sites, Databases

Mathew J. Schwartz • September 21, 2018

One mystery with the recently discovered payment card sniffing attacks against such organizations as British Airways and Newegg has been how attackers might have first gained access to the victims' networks. But a number of cybercrime markets sell such access, in some cases for as little as 50 cents.

Business Continuity Management / Disaster Recovery

Scotland's Arran Brewery Slammed by Dharma Bip Ransomware

Mathew J. Schwartz • September 21, 2018

Scotland's Arran Brewery fell victim to a Dharma Bip ransomware attack that infected its Windows domain controller and crypto-locked files and local backups, leading to the loss of three months' worth of sales data. The brewery refused to pay the attackers' two bitcoin ransom demand.

Cybercrime

Why Cybercrime Remains Impossible to Eradicate

Mathew J. Schwartz • September 18, 2018

More evidence that running cybercrime schemes remains inexpensive and accessible to anyone with criminal intent: To send spam emails, admitted botnet herder Peter Levashov quoted customers $500 for 1 million emails. And that was just his 2016 pricing.

Cybercrime as-a-service

Russian Pleads Guilty to Operating Kelihos Botnet

Mathew J. Schwartz • September 13, 2018

Russian national Peter Levashov, who was arrested in Spain last year and extradited to the U.S., has admitted to a two-decade crime spree that included running multiple botnets that harvested online credentials while also pumping out spam, banking Trojans and ransomware.

Anti-Malware

Feds Charge North Korean With Devastating Cyberattacks

Jeremy Kirk • September 7, 2018

U.S. prosecutors have accused a 34-year-old North Korean man of involvement in some of the most destructive and profitable cyberattacks ever seen, including the WannaCry ransomware outbreak, the Sony Pictures Entertainment breach and the theft of $81 million from Bangladesh Bank.

Breach Preparedness

Canada's Mandatory Breach Notification Rules Now in Effect

Mathew J. Schwartz • November 1, 2018

Private sector organizations in Canada must now report all serious data breaches to the country's privacy watchdog as a result of new provisions in Canada's PIPEDA privacy law. Violators face fines of up to $100,000 for every breach victim they fail to notify or breach they attempt to hide.

Cloud Security

Digital Transformation Puts Tremendous Pressure on IT Security; A CISO Perspective

Information Security Media Group • October 25, 2018

Digital transformation is putting tremendous pressure on IT security. Whether it's discovering short-lived assets (e.g., containers), assessing cloud environments or maintaining web application security, IT security priorities do not have to be at the mercy of digital business initiatives.

Next-Generation Technologies & Secure Development

A Fresh Look at Outsourcing

Information Security Media Group • September 20, 2018

The biggest security budget in the business cannot save you from also suffering one of the biggest breaches. The key is: Do you have the right skills and technology deployed to defend your critical assets? Michael Malone and Ben Johnson of Datashield, an ADT company, make the case for outsourcing.