Welcome to ISMG's Ransomware Resource Center!

Ransomware has rapidly become one of the world's most prevalent types of cybercrime. The lure for criminals is easy to see: Using highly automated and easily distributed crypto-locking malware to forcibly encrypt systems, attackers can demand bitcoin ransoms in exchange for decryption keys. Use this Ransomware Resource Center for the latest details on emerging ransomware variants, threat intelligence on attackers, plus best practices for detection, response and remediation.

Alleged Ryuk ransomware proceeds money launderer Denis Mihaqlovic Dubnikov

Ryuk-Linked Russian Pleads Guilty in US Court

David Perera • February 7, 2023

Denis Mihaqlovic Dubnikov, 30, pleaded guilty in U.S. federal court to conspiracy to commit money laundering. Federal prosecutors say the Russian national laundered more than $400,000 for the Ryuk ransomware-as-a-service gang. He faces up to 20 years in prison and a potential fine of $500,000.

Business Continuity Management / Disaster Recovery

Ransomware Gang Stole Customer Data, Arnold Clark Confirms

Latest

Operational Technology (OT)

Fortinet Weathers Economic Storm By Helping Users Cut Costs

Michael Novinson • February 7, 2023

Fortinet has blunted the impact of the economic downturn by helping customers consolidate their security footprint and add protection in areas like OT, WiFi and SD-WAN. CEO Ken Xie says Fortinet's ASIC chip allows the company to take market share from rivals while delivering superior performance.

Leadership & Executive Communication

World Economic Forum's Cybersecurity Outlook 2023 Highlights

Anna Delaney • February 3, 2023

According to the World Economic Forum, geopolitical instability has helped to close the perception gap between business and cyber leaders' views on the importance of cyber risk management, and "91% of all respondents" believe that "a far-reaching, catastrophic cyber event" is on the horizon.

Fraud Management & Cybercrime

ISMG Editors: Does US Takedown Mark Hive Group's Demise?

Anna Delaney • February 3, 2023

In the latest weekly update, ISMG editors discuss the lasting effects of the takedown of the Hive ransomware group, why the U.S. government is warning of a surge in Russian DDoS attacks on hospitals, and why the lack of transparency in U.S. breach notices is creating more risk for consumers.

Application Security

Checkmarx CEO on Bringing Application, API Security Together

Michael Novinson • February 2, 2023

Organizations have struggled to understand why APIs are so strategic even though they're an intrinsic way businesses interface with their software, according to Checkmarx CEO Emmanuel Benzaquen. He says API abuse is slated to become one of the most common types of web application data breaches.

Cybercrime

Microsoft OneNote Is Latest Malware Vector

Prajeet Nair • February 2, 2023

Hackers stymied by Microsoft's crackdown on macros are shifting to malicious OneNote attachments. Particularly worrying is the takeup of the tactic by an initial access broker associated with various ransomware infections, say researchers from Proofpoint.

Identity & Access Management

Vectra CEO on How to Lower the SaaS, Identity Attack Surface

Michael Novinson • February 1, 2023

Cybersecurity vendors have gone all-in on reducing the cloud attack surface, but efforts to shrink the SaaS and identity attack surface remain in their infancy. Vectra has leveraged its artificial intelligence expertise to help triage and automate the alert response process, CEO Hitesh Sheth says.

Fraud Management & Cybercrime

ISMG Editors: Why Are Ransomware Profits Dipping?

Anna Delaney • January 27, 2023

In the latest weekly update, four ISMG editors discuss why it pays off to have well-practiced incident response plans, whether ChatGPT is a blessing or a curse for penetration testers and bug bounty hunters, and how Microsoft has reason to be cheerful as security sales hit $20 billion.

Cryptocurrency Fraud

What Federal Charges Against Bitzlato Mean for Cybercrime

Rashmi Ramesh • January 24, 2023

When the DOJ announced a "major, international cryptocurrency enforcement action," observers expected to see charges against a well-known firm. Instead, the agency charged a lesser-known figure, Anatoly Legkodymov, the Russian founder of Bitzlato, with facilitating $700 million in illegal activity.

Fraud Management & Cybercrime

2 Vendors Among BlackCat's Alleged Recent Ransomware Victims

Marianne Kolbasuk McGee • January 23, 2023

An electronic health records vendor and a pharmacy management services firm are purportedly among the latest healthcare sector victims of ransomware-as-a-service group BlackCat, also known as Alphv. NextGen Healthcare and PharmaCare Services appeared on BlackCat's leak site late last week.

Blockchain & Cryptocurrency

Spanish Authorities Arrest 3 in Bitzlato Crackdown

Akshaya Asokan • January 23, 2023

Spanish authorities arrested three senior executives of the now-defunct cryptocurrency exchange platform Bitzlato, Europol announced. The crime coordination agency says about 46% of the assets exchanged through Bitzlato, worth roughly 1 billion euros, were linked to criminal activities.

Fraud Management & Cybercrime

Australia Initiates Global Ransomware Task Force Operations

Mihir Bagwe • January 23, 2023

Australia started operating an international ransomware task force to facilitate information sharing and best practices worldwide. “Recent cyber incidents in Australia and around the globe are a stark reminder of the insidious nature of ransomware," said Minister for Home Affairs Clare O'Neil.

Security Operations

eSentire CEO Kerry Bailey on Using XDR to Cut Business Risk

Michael Novinson • January 20, 2023

eSentire has used the $325 million it received in February to leverage data from its Atlas XDR platform and strengthen customers' positions around cyber resiliency. The Kitchener, Canada-based company has shifted its focus from alerts and data to business worries and business risk.