Welcome to ISMG's Ransomware Resource Center!

Ransomware has rapidly become one of the world's most prevalent types of cybercrime. The lure for criminals is easy to see: Using highly automated and easily distributed crypto-locking malware to forcibly encrypt systems, attackers can demand bitcoin ransoms in exchange for decryption keys. Use this Ransomware Resource Center for the latest details on emerging ransomware variants, threat intelligence on attackers, plus best practices for detection, response and remediation.

After 2 Years, WannaCry Remains a Threat

Scott Ferguson • May 17, 2019

Two years after WannaCry tore a path of destruction through the world, the ransomware remains a danger, with many systems still vulnerable to the EternalBlue or EternalRomance exploits that started it all.

Business Continuity Management / Disaster Recovery

Medical Practice to Close in Wake of Ransomware Attack

Latest

Application Security

WannaCry Still Causing Tears 2 Years On

Nick Holland • May 24, 2019

The latest edition of the ISMG Security Report assesses the legacy of WannaCry ransomware two years on. Also featured: the evolving role of healthcare CISOs; threat mitigation recommendations based on the 2019 Verizon Data Breach Investigations Report.

Cybercrime as-a-service

Verizon DBIR: C-Level Executives in the Crosshairs

Nick Holland • May 22, 2019

C-level executives are 12 times more likely to be the target of social incidents and nine times more likely to be the target of social breaches. This is among the key findings of the latest Verizon's Data Breach Investigations Report. Author John Grim shares insight.

Cybercrime

IRS Gives Hacked Accounting Software Customers a Reprieve

Mathew J. Schwartz • May 13, 2019

Good news for customers of accounting software vendor Wolters Kluwer: The IRS has given you a 7-day extension to submit several different types of filings. Bad news: It's because the accounting software giant was hacked, knocking its cloud-based CCH software suite offline.

Healthcare

Health Data Breach Tally Update: What's Been Added?

Marianne Kolbasuk McGee • May 9, 2019

A ransomware attack reported by a business associate that impacted more than three dozen clients and nearly 207,000 individuals is among the latest incidents added to the Department of Health and Human Services' data breach tally. Here's the latest health data breach tracking update.

Cybercrime

Hackers Steal, Post Financial Data From Major Corporations

Scott Ferguson • April 30, 2019

Cybercriminals have stolen customer data from Citycomp, a German IT company whose clients include Oracle, Volkswagen, Airbus, Ericsson, Toshiba British Telecom and many others. After Citycomp didn't pay a ransom, the hackers posted the data online.

Breach Response

'Virus Infection' Prohibits Access to Patient Records

Marianne Kolbasuk McGee • April 25, 2019

A recent cyberattack on a California medical imaging and oncology services provider, which prohibited access to patient data, is one of the largest health data breaches reported so far this year.

DevSecOps

Analysis: The Evolving Ransomware Threat

Nick Holland • April 5, 2019

The latest edition of the ISMG Security Report offers an in-depth look at the ever-changing ransomware threat. Other topics: filling the DevSecOps skills gap and the repercussions of Australia's encryption-busting law.

Fraud Management & Cybercrime

City of Albany Latest Local Government Hit With Ransomware

Scott Ferguson • April 2, 2019

Albany, New York, is the latest unit of local government hit with ransomware in recent weeks, following similar attacks reported in Georgia and North Carolina that crippled government IT systems and disrupted service for local residents.

Breach Preparedness

Can Cyber Policy Protect the 2020 Elections?

Nick Holland • March 29, 2019

The ISMG Security Report features Chris Painter, commissioner of the Global Commission on the Stability of Cyberspace, discussing cybersecurity policy for the 2020 U.S. elections. Plus, an update on the cost of the Norsk Hydro ransomware attack and the challenges of controlling real-time payments fraud.

Fraud Management & Cybercrime

IBM X-Force Intelligence: What Are Latest Cyber Threats?

Mathew J. Schwartz • March 27, 2019

Charles Henderson, global managing partner for IBM X-Force Red, reviews some of the top new cybersecurity threats to organizations discovered by his team.

Business Email Compromise (BEC)

Report: Half of Breaches Trace to Hacking, Malware Attacks

Mathew J. Schwartz • March 26, 2019

Beazley Breach Response Services, a unit of global insurance company Beazley, reports that nearly half of the more than 3,300 breaches it investigated last year traced to a hack attack or malware infection. And half of those hacking/malware attacks were tied to business email compromise schemes.

Next-Generation Technologies & Secure Development

Inside Netscout's Threat Report

Tom Field • March 25, 2019

Netscout is out with its latest threat report, and the research offers some startling new insights into DDoS, advanced threats and the commercialization of cybercrime. Hardik Modi offers analysis.