Welcome to ISMG's Ransomware Resource Center!

Ransomware has rapidly become one of the world's most prevalent types of cybercrime. The lure for criminals is easy to see: Using highly automated and easily distributed crypto-locking malware to forcibly encrypt systems, attackers can demand bitcoin ransoms in exchange for decryption keys. Use this Ransomware Resource Center for the latest details on emerging ransomware variants, threat intelligence on attackers, plus best practices for detection, response and remediation.

France Warns of Stolen Healthcare Credentials

Marianne Kolbasuk McGee • February 23, 2021

French authorities are warning the country's healthcare sector of the discovery of a glut of stolen credentials, apparently belonging to hospital workers, that were found for sale on the dark web. The alert comes amid a recent rise in ransomware attacks on hospitals and other healthcare entities.

Breach Notification

Ransomware: Average Ransom Payment Declines to $154,108

Latest

Cybercrime

Ransomware Attack Cripples Finnish IT Provider TietoEVRY

Akshaya Asokan • February 24, 2021

Finnish IT giant TietoEVRY announced Tuesday that ransomware crippled its infrastructure, forcing it to take down affected systems to contain the spread of the malware.

Breach Notification

Eye Care Practice: Vendor Paid Ransom for Return of Data

Marianne Kolbasuk McGee • February 19, 2021

A California-based eye care provider – which also handles billing and other administrative services for a separate local surgery practice – says its online storage vendor was recently hit by hackers and paid a ransom for the return of patient data stolen from both entities.

Breach Notification

2020 Breach Statistics: An Analysis

Nick Holland • February 5, 2021

The decline in the total number of U.S. data breaches in 2020 isn't all good news; it reflects that hackers are changing their tactics, says James Lee of the Identity Theft Resource Center, who offers an analysis of the center's new data breach report.

Critical Infrastructure Security

Analysis: The Persistent Ransomware Threat

Anna Delaney • February 5, 2021

The latest edition of the ISMG Security Report features an analysis of the persistent threat of ransomware. Also featured: Sorting out breaches tied to Accellion’s File Transfer Appliance; an update on fraud trends in 2021.

Fraud Management & Cybercrime

Mastercard Brings Cyber Education to Small Businesses

Nick Holland • February 3, 2021

Small businesses have been disproportionately affected by hackers in recent months. To aid in countering the threat, Mastercard has launched a cybersecurity education effort targeting this market segment. Paul Trueman, a senior vice president Mastercard, explains the “Trust Center” initiative.

Cybercrime as-a-service

Is Trickbot Botnet Making a Comeback?

Akshaya Asokan • January 30, 2021

Trickbot appears to be making a comeback with a fresh campaign that is targeting insurance companies and legal firms in North America, according to an analysis by Menlo Security. Researchers had warned the malware might surface again after a coordinated takedown of the botnet's infrastructure in 2020.

Active Defense & Deception

Analysis: Emotet and Netwalker Takedowns

Anna Delaney • January 29, 2021

The latest edition of the ISMG Security Report features an analysis of this week’s police takedowns of Emotet and Netwalker cybercrime operations. Also featured: Updates on passwordless authentication and the use of deception technology.

Business Continuity Management / Disaster Recovery

Ransomware: Should Governments Hack Cybercrime Cartels?

Mathew J. Schwartz • January 27, 2021

With ransomware continuing to fuel a massive surge in illicit profits, some experts have been calling on governments to launch offensive hacking teams to target cybercrime cartels. They're also calling for a review of cyber insurance payouts being used to fund ransoms.

Breach Notification

Cyber Incident Knocks Construction Firm Palfinger Offline

Doug Olenick • January 25, 2021

The Austrian construction equipment manufacturing firm Palfinger AG reports being hit with a cyberattack that has knocked the majority of its worldwide IT infrastructure offline, eliminating its ability to use email and conduct business.

COVID-19

Good News: Cryptocurrency-Enabled Crime Took a Dive in 2020

Mathew J. Schwartz • January 25, 2021

Good news on the cybercrime front: "Cryptocurrency-related crime fell significantly in 2020," compared to 2019, reports blockchain analysis firm Chainalysis. Unfortunately, in the same timeframe, ransomware profits surged 311%, stoking calls for a crackdown on ransom payments.

Fraud Management & Cybercrime

Texas Medical Center Breach Affects 640,000

Marianne Kolbasuk McGee • January 22, 2021

An apparent ransomware incident at a Texas healthcare organization has potentially compromised the protected health information of more than 640,000 individuals.

Fraud Management & Cybercrime

Ransomware Incident Reportedly Leads to Health Data Leak

Marianne Kolbasuk McGee • January 20, 2021

An apparent ransomware attack that targeted an operator of occupational clinics used by employees of transportation companies and government agencies has reportedly resulted in the leak of some workers' health data.