Welcome to ISMG's Ransomware Resource Center!

Ransomware has rapidly become one of the world's most prevalent types of cybercrime. The lure for criminals is easy to see: Using highly automated and easily distributed crypto-locking malware to forcibly encrypt systems, attackers can demand bitcoin ransoms in exchange for decryption keys. Use this Ransomware Resource Center for the latest details on emerging ransomware variants, threat intelligence on attackers, plus best practices for detection, response and remediation.

Spam email with an attached Microsoft Word document that contains a malicious macro designed to download and execute Emotet malware (Source: Brad Duncan)

Emotet Malware Returns to Work After Holiday Break

Mathew J. Schwartz • January 18, 2019

Cybercrime outfits appeared to take a vacation around the December holidays. But attacks involving Emotet, Hancitor and Trickbot have resurged following their December slowdown, as has the Fallout exploit kit, lately serving GandCrab ransomware.

Cybercrime

Ransomware Keeps Ringing in Profits for Cybercrime Rings

Latest

Breach Preparedness

Ransomware: A Pervasive, Evolving Threat

Nick Holland • January 18, 2019

Leading the latest edition of the ISMG Security Report is an in-depth look at why ransomware remains a pervasive threat and how it's evolving. Also featured: updates on venture capital investments in cybersecurity and a study of vulnerabilities in industrial remotes.

Awareness & Training

Legal Lessons Learned From Breach Investigations

Tom Field • December 27, 2018

What not to do after a breach? Share your incident response plan with your attorney and say, "Don't pay too much attention to it; we don't follow it." Randy Sabett of Cooley LLP discusses this and other lessons learned from breach investigations.

Fraud Management & Cybercrime

Federal Prosecutors Discuss SamSam Indictments

Nick Holland • November 30, 2018

In the latest edition of the ISMG Security Report, hear prosecutors discuss the indictments of two Iranians in connection with SamSam ransomware attacks. Also: Updates on allegations that Google is violating GDPR and cryptocurrency's impact on crime trends.

Fraud Management & Cybercrime

Texas Hospital Catches Dharma Ransomware Infection

Marianne Kolbasuk McGee • November 16, 2018

An attack on Altus Baytown Hospital in Texas is the latest ransomware incident reported to federal regulators as a health data breach. What other major ransomware incidents are impacting the healthcare sector?

Cybercrime

Crypto-Locking Kraken Ransomware Looms Larger

Jeremy Kirk • October 31, 2018

A slick ransomware-as-a-service operation called Kraken Cryptor has begun leveraging the Fallout exploit kit to help it score fresh victims, researchers from McAfee and Recorded Future warn. Absent offline backups, victims have little chance of recovering from its crypto-locking attacks.

Business Email Compromise (BEC)

Health Data Breach Tally: Analyzing the Latest Trends

Marianne Kolbasuk McGee • October 30, 2018

What kinds of health data breaches have been most common so far in 2018? An analysis of the official HHS breach tally reveals the latest trends, and security experts offer an analysis.

Breach Response

Suspected Ransomware Outbreak Disrupts US Newspapers

Mathew J. Schwartz • December 31, 2018

Production of newspapers owned by Chicago-based Tribune Publishing was disrupted after malware began infecting the company's publishing and printing systems. Tribune newspapers report that they appear to have been hit by crypto-locking Ryuk ransomware.

Fraud Management & Cybercrime

Account Takeover: Responding to the New Wave

Information Security Media Group • December 21, 2018

Account takeover is a rapidly growing arena for cybercriminals. How can organizations strengthen both authentication and authorization? Scott Olson of iovation, a TransUnion Company shares his insights.

Digital Identity

Key Drivers to Enable Digital Transformation in Financial Services

CenturyLink • December 16, 2018

Digital transformation (DX) continues to drive growth across financial services firms, creating new opportunities to increase revenue and foster innovation. Cloud - whether public, private or a hybrid approach - is foundational to achieving DX objectives, as is secure, resilient and scalable network connectivity....

DevSecOps

Organizations Adopting DevOps as they Retool IT Infrastructure

Information Security Media Group • December 14, 2018

Organizations are increasingly moving their mission-critical applications and data to Amazon Web Services (AWS) and taking advantage of the massive compute power of Amazon Elastic Compute Cloud (Amazon EC2).

Artificial Intelligence & Machine Learning

A New View of Threat Intelligence: The Last Line of Defense

• December 12, 2018

When security controls fail, can you detect unusual and anomalous activity with sufficient context to accurately ascertain the risk to the organization?

Cloud Security

Take Your Security With You From On-Premises to the AWS Cloud

December 6, 2018

Find out all the benefits of using one security solution across your on-premises data center and AWS cloud workloads. Get expert insight on use cases, plus informative real-world examples plus more about how the cloud services hub/Transit VPC Solution leverages the cloud's scalable network to provide security services...