Welcome to ISMG's Ransomware Resource Center!

Ransomware has rapidly become one of the world's most prevalent types of cybercrime. The lure for criminals is easy to see: Using highly automated and easily distributed crypto-locking malware to forcibly encrypt systems, attackers can demand bitcoin ransoms in exchange for decryption keys. Use this Ransomware Resource Center for the latest details on emerging ransomware variants, threat intelligence on attackers, plus best practices for detection, response and remediation.

Baltimore Ransomware Attack Costing City $18 Million

Scott Ferguson • June 7, 2019

A month after Baltimore's IT network was hit with the RobbinHood ransomware variant, officials believe the May 7 attack will cost $18 million, which includes recovering and restoring computer systems as well as lost municipal revenue.

Cybercrime

Report: FIN6 Shifts From Payment Card Theft to Ransomware

Latest

Cybercrime

Analysis: The Cybersecurity Risks Major Corporations Face

Nick Holland • June 14, 2019

The latest edition of the ISMG Security Report features a deep dive into an analysis of the cybersecurity risks that publicly traded companies face. Plus: Was the band Radiohead hacked? And what's unusual about the proposed Premera Blue Cross breach lawsuit settlement?

Application Security

Fingerpointing Over Baltimore's Ransomware Attack

Nick Holland • May 31, 2019

The latest edition of the ISMG Security Report analyzes the "blame game" in the wake of a ransomware attack against the city of Baltimore. Also featured: Discussions of cyberthreats in the financial services sector and open source security concerns.

Business Continuity Management / Disaster Recovery

Case Study: The Devastating Impact of a Ransomware Attack

Marianne Kolbasuk McGee • May 30, 2019

One of the earliest ransomware victims in the healthcare sector has a strong message for organizations that believe they won't be targeted: Get prepared for an attack - otherwise you risk a devastating impact.

Anti-Phishing, DMARC

WannaCry Still Causing Tears 2 Years On

Nick Holland • May 24, 2019

The latest edition of the ISMG Security Report assesses the legacy of WannaCry ransomware two years on. Also featured: the evolving role of healthcare CISOs; threat mitigation recommendations based on the 2019 Verizon Data Breach Investigations Report.

Anti-Phishing, DMARC

Verizon DBIR: C-Level Executives in the Crosshairs

Nick Holland • May 22, 2019

C-level executives are 12 times more likely to be the target of social incidents and nine times more likely to be the target of social breaches. This is among the key findings of the latest Verizon's Data Breach Investigations Report. Author John Grim shares insight.

Cybercrime

IRS Gives Hacked Accounting Software Customers a Reprieve

Mathew J. Schwartz • May 13, 2019

Good news for customers of accounting software vendor Wolters Kluwer: The IRS has given you a 7-day extension to submit several different types of filings. Bad news: It's because the accounting software giant was hacked, knocking its cloud-based CCH software suite offline.

Healthcare

Health Data Breach Tally Update: What's Been Added?

Marianne Kolbasuk McGee • May 9, 2019

A ransomware attack reported by a business associate that impacted more than three dozen clients and nearly 207,000 individuals is among the latest incidents added to the Department of Health and Human Services' data breach tally. Here's the latest health data breach tracking update.

Cybercrime

Hackers Steal, Post Financial Data From Major Corporations

Scott Ferguson • April 30, 2019

Cybercriminals have stolen customer data from Citycomp, a German IT company whose clients include Oracle, Volkswagen, Airbus, Ericsson, Toshiba British Telecom and many others. After Citycomp didn't pay a ransom, the hackers posted the data online.

Fraud Management & Cybercrime

'Virus Infection' Prohibits Access to Patient Records

Marianne Kolbasuk McGee • April 25, 2019

A recent cyberattack on a California medical imaging and oncology services provider, which prohibited access to patient data, is one of the largest health data breaches reported so far this year.

DevSecOps

Analysis: The Evolving Ransomware Threat

Nick Holland • April 5, 2019

The latest edition of the ISMG Security Report offers an in-depth look at the ever-changing ransomware threat. Other topics: filling the DevSecOps skills gap and the repercussions of Australia's encryption-busting law.

Business Continuity Management / Disaster Recovery

City of Albany Latest Local Government Hit With Ransomware

Scott Ferguson • April 2, 2019

Albany, New York, is the latest unit of local government hit with ransomware in recent weeks, following similar attacks reported in Georgia and North Carolina that crippled government IT systems and disrupted service for local residents.

Critical Infrastructure Security

Can Cyber Policy Protect the 2020 Elections?

Nick Holland • March 29, 2019

The ISMG Security Report features Chris Painter, commissioner of the Global Commission on the Stability of Cyberspace, discussing cybersecurity policy for the 2020 U.S. elections. Plus, an update on the cost of the Norsk Hydro ransomware attack and the challenges of controlling real-time payments fraud.