Welcome to ISMG's Ransomware Resource Center!

Ransomware has rapidly become one of the world's most prevalent types of cybercrime. The lure for criminals is easy to see: Using highly automated and easily distributed crypto-locking malware to forcibly encrypt systems, attackers can demand bitcoin ransoms in exchange for decryption keys. Use this Ransomware Resource Center for the latest details on emerging ransomware variants, threat intelligence on attackers, plus best practices for detection, response and remediation.

Ransomware Attack Hit US Natural Gas Facility

Ishita Chigilli Palli • February 19, 2020

A ransomware attack on a U.S. natural gas compression facility led to a two-day shutdown of operations, according to an alert from the Cybersecurity and Infrastructure Security Agency.

Business Continuity Management / Disaster Recovery

Ryuk's Latest Victim: Tampa Bay Times

Latest

Business Continuity Management / Disaster Recovery

Ransomware Hit a Florida Voting System in 2016

Akshaya Asokan • February 13, 2020

Election officials in Palm Beach County, Florida, revealed this week that its voter registration system was hit by ransomware in the weeks leading up to the 2016 presidential election.

Business Continuity Management / Disaster Recovery

States Press for Federal Resources to Fight Cyberthreats

Ishita Chigilli Palli • February 12, 2020

State government officials told a Senate committee this week that more federal resources are needed to help states combat security cyberthreats, including ransomware. They also asked federal officials to share more information on looming security issues.

Business Continuity Management / Disaster Recovery

Malware Attack 'Damages' Patient Records

Marianne Kolbasuk McGee • February 5, 2020

A Texas orthopedic practice says a recent malware attack "permanently damaged" thousands of electronic patient records. It's the latest in a string of healthcare incidents in which various forms of malware rendered records inaccessible.

Business Continuity Management / Disaster Recovery

Australian Delivery Firm Confirms Ransomware Attack

Ishita Chigilli Palli • February 5, 2020

Australian transportation and logistics firm Toll Group has confirmed that it sustained a ransomware attack earlier this month that has forced the company to shut down several of its systems and led to delays in deliveries.

Cybercrime

Hackers Pose Increasing Risk to Medical Research Data

Marianne Kolbasuk McGee • February 4, 2020

The intellectual property, including research results, of biotechnology companies and other medical organizations is increasingly a target for hackers, who sometimes dump data on hacker forums or public websites. That's why breach detection and prevention is even more critical.

Anti-Phishing, DMARC

Emotet Malware Alert Sounded by US Cybersecurity Agency

Mathew J. Schwartz • January 23, 2020

Emotet malware alert: The U.S. Cybersecurity and Infrastructure Security Agency says it's been "tracking a spike" in targeted Emotet malware attacks. It urges all organizations to immediately put in place defenses to not just avoid infection, but also detect lateral movement in their networks by hackers.

Business Continuity Management / Disaster Recovery

Updated FTCODE Ransomware Now Steals Credentials, Passwords

Scott Ferguson • January 22, 2020

FTCODE, a ransomware strain that has been active since at least 2013, has recently been revamped to include new features, including the ability to steal credentials and passwords from web browsers and email clients, according to two research reports released this week.

Fraud Management & Cybercrime

Maryland Considers Criminalizing Ransomware Possession

Akshaya Asokan • January 21, 2020

Maryland lawmakers are considering a bill that would make possession of ransomware a crime punishable by up to 10 years in prison, similar to moves at least two other states have already made. But is such legislation effective?

3rd Party Risk Management

Critical Steps in Managing Vendor Security Risk

Marianne Kolbasuk McGee • January 14, 2020

In light of recent ransomware and other cyberattacks against vendors serving numerous healthcare organizations, it's critical to develop and deploy comprehensive vendor risk management programs, says John Farley of Arthur J. Gallagher & Co., a provider of cyber insurance.

Critical Infrastructure Security

Cybercrime Support: Victory for the Midmarket

Tom Field • December 24, 2019

The year 2019 saw a marked increase on breach responses services for small-to-midsized businesses. Kristin Judge, CEO of the Cybercrime Support Network, outlines the state of cybersecurity for the midmarket.

Critical Infrastructure Security

The 'Axis of Evil' and Escalation of Destructive Attacks

Tom Field • December 24, 2019

Tom Kellermann, former cybersecurity adviser to the Obama administration, doesn't mince words when he describes the nation-state threat to the U.S. as the "axis of evil in cyberspace." Nor does he hold back about the threat from destructive attacks, 5G deployment and other trends to watch in 2020.

Breach Notification

Maze Ransomware Gang Names More Alleged Victims

Mathew J. Schwartz • December 23, 2019

The gang behind Maze ransomware now lists 21 alleged victims on its website that it says have not paid a demanded ransom, including the Florida city of Pensacola. But Canadian construction firm Bird, which was listed as a victim, subsequently disappeared from the list.