Welcome to ISMG's Ransomware Resource Center!

Ransomware has rapidly become one of the world's most prevalent types of cybercrime. The lure for criminals is easy to see: Using highly automated and easily distributed crypto-locking malware to forcibly encrypt systems, attackers can demand bitcoin ransoms in exchange for decryption keys. Use this Ransomware Resource Center for the latest details on emerging ransomware variants, threat intelligence on attackers, plus best practices for detection, response and remediation.

The MGM National Harbor Hotel and Casino in Oxon Hill, Maryland (Image: Shutterstock)

MGM Resorts Says Hotels 'Operating Normally' After Attack

Mathew J. Schwartz • September 22, 2023

MGM Resorts International says its hotels and casinos are now operating "normally" after the company was hit by ransomware-wielding attackers. Even so, numerous systems remain offline - including digital room key cards - as the company seeks to rebuild its IT infrastructure.

Breach Notification

Caesars Confirms Ransomware Payoff and Customer Data Breach

Latest

Breach Notification

How Will SEC Rules Affect Reporting, Tracking of Incidents?

Anna Delaney • September 25, 2023

Under new U.S. Securities and Exchange Commission rules, companies must disclose material cybersecurity incidents and annually report on cybersecurity risk management, strategy and governance. Alex Hamerstone, advisory solutions director at TrustedSec, discussed the challenges ahead.

Artificial Intelligence & Machine Learning

Generative AI: Embrace It, But Put Up Guardrails

Steve King • September 19, 2023

In this episode of CyberEd.io's podcast series, "Cybersecurity Insights," Daniel DeSantis, director of CISO Advisory at Cisco, and Pam Lindemoen, CISO adviser at Cisco, discuss how generative AI will change and elevate the role of the CISO as well as what the future holds for network security.

Endpoint Security

Dragos Raises $74M to Advance OT Protection in Europe, Asia

Michael Novinson • September 18, 2023

Dragos completed a Series D extension to help organizations address enhanced OT security requirements from regulators and cyber insurance providers. The money will allow Dragos to help EU businesses affected by updated cybersecurity directives requiring many smaller organizations to boost security.

Critical Infrastructure Security

Caesars Entertainment Reportedly Pays Ransom to Attackers

Mathew J. Schwartz • September 14, 2023

Hotel and casino giant Caesars Entertainment paid approximately half of an initial $30 million ransom demand to attackers who infected its systems with ransomware, according to news reports. The attackers appear to be with the same group that hit MGM Resorts.

Account Takeover Fraud

Netcraft Buys FraudWatch to Boost Cybercrime Takedown Skills

Michael Novinson • September 12, 2023

Netcraft purchased an online brand protection vendor to incorporate security analysts into the company's highly automated cybercrime takedown process. The deal will expedite the takedown of fraudulent websites by capitalizing on their joint knowledge of the global infrastructure provider landscape.

Vendor Risk Management

Certa Raises $35M to Bring AI to Third-Party Risk Management

Michael Novinson • September 8, 2023

A third-party management platform founded by a longtime McKinsey consultant closed a funding round to bring further automation to compliance and procurement tasks. Certa plans to invest in AI that takes text-based organizational policies and converts them into controlled workflows.

Cloud Security

Tenable to Buy Startup Ermetic for $265M to Safeguard Clouds

Michael Novinson • September 7, 2023

Tenable will purchase a cloud security startup founded by the longtime leader of Secdo to help security teams make efficient and accurate remediation decisions. The proposed buy of Ermetic will make it easier for security professionals of all cloud expertise levels to spot and quickly address risks.

SASE

Netskope Buys Digital Experience Management Startup Kadiska

Michael Novinson • September 6, 2023

Netskope purchased a French digital experience management startup to monitor and proactively remediate performance issues across both SD-WAN and SSE. The deal will bring network and application performance visibility to user devices as well as hybrid, SaaS and cloud applications.

Cloud Access Security Brokers (CASB)

Zscaler Data Security Platform Takes on Symantec, CASB Tools

Michael Novinson • September 5, 2023

Zscaler's ability to inspect traffic in-line and secure application-to-application communications has driven massive growth in its data protection business, CEO Jay Chaudhry said. Customers have embraced Zscaler's data protection technology over incumbents such as Symantec as well as CASB tools.

Network Detection & Response

IronNet Furloughs Almost All Employees, Curtails Operations

Michael Novinson • September 5, 2023

IronNet's board authorized the company to furlough nearly all its workers and substantially curtail business operations as the board evaluates seeking bankruptcy protection. The furlough and cessation of business operations constitute an event of default under the terms of the company's borrowing.

Application Security

Battery Ventures Buys GrammaTech's Application Security Unit

Michael Novinson • September 5, 2023

GrammaTech has separated its security software products and cyber research services divisions, and venture capital firm Battery Ventures has acquired the former and renamed it CodeSecure. The Washington, D.C.-area application security testing software business will pursue M&A in adjacent markets.

Cybercrime

Cybercrime Tremors: Experts Forecast Qakbot Resurgence

Mathew J. Schwartz • September 4, 2023

Has the cry of the Qakbot come to an end? While the pernicious, multifunction malware fell quiet last week thanks to Operation "Duck Hunt," lucrative cybercrime operations have a history of rebooting themselves. Rivals also offer ready alternatives to ransomware groups and other criminal users.