
Ransomware payment debate resurfaces amid Change Healthcare incident


A hotly debated flashpoint in the cybersecurity community is getting renewed attention as healthcare stakeholders work to rebound from a major ransomware attack that’s roiled the U.S. health insurance market over the past month.

The Feb. 21 Change Healthcare ransomware attack carried out by the ALPHV/Blackcat hacking gang has delayed prescription fillings and led to cash crunches at clinics and other facilities. The American Healthcare Association said that 94% of hospitals are signaling financial impact due to the incident, with some providers losing upwards of $1 billion per day in revenues.

Change Healthcare reportedly made a $22 million ransom payment to the hackers. Soon after, the cybercrime collective appeared to stage a fake takedown of their own site. But analysts expect the group to reemerge under a new name.

The U.S. over the past year has been working with international partners to take a firm stance against ransom payments, though surveyed experts have not agreed on a single policy.

Some cyber industry leaders say that paying ransoms should be banned because it emboldens cybercriminals and helps fund more illicit activities, and that, in some cases, paying a ransom does not necessarily guarantee that compromised data will be returned.

Others argue that total bans put too much pressure on victims, and that sometimes payments need to be made in order to recover vital systems, like those seen in hospitals and critical infrastructure.

In a briefing with reporters Monday, the Department of Health and Human Services said it has not yet taken an official position on whether ransom payments should be banned, and later told Nextgov/FCW it would defer to the National Security Council and FBI on the matter.

The White House is maintaining its previously established position that ransoms should not be paid because payment incentivizes cybercriminals to conduct more ransomware attacks.

The Biden administration “strongly discourages paying of ransoms, to stop the flow of funds to these criminals and disincentivize their attacks,” Anne Neuberger, deputy national security advisor for cyber and emerging technology at NSC said in a statement to Nextgov/FCW.

The FBI declined to…


Cyber Security Today, Jan. 11, 2023 – Debate on ransomware attacks dropping continues, beware of long-hidden backdoors and lots of patches released


The debate on ransomware attacks dropping continues, beware of long-hidden backdoors and lots of patches released.

Welcome to Cyber Security Today. It’s Wednesday, January 11th, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.

Another entry in the debate on whether ransomware attacks are going up or down has been issued. Last week researchers at Emsisoft said the truth in the U.S. is hard to figure out because so many attacks aren’t publicly reported. This week researchers at Delinea released a report saying a survey it paid for suggests ransomware last year was down significantly over 2021. Of the 300 American IT decision-makers surveyed, 25 per cent said they were victims of ransomware in 2022. By comparison, 64 per cent of respondents said their firm was hit in 2021. Respondents also said budgets for ransomware defence dropped last year, although that could be because IT leaders are folding defences against ransomware into defences against all types of cyber attacks. More worrisome, the number of companies with incident response plans dropped to 71 per cent last year from 94 per cent in 2022. There’s a link to the full report in the text version of this podcast.

Threat actors are known for installing back doors on victims’ IT infrastructure to enable their attacks. That’s why scouring an entire IT environment is vital after a successful breach of security controls to make sure back doors aren’t left around. The latest example comes in a report from researchers at U.K.-based S-RM Intelligence. It looked into an attack by the Lorenz ransomware gang. The gang exploited a vulnerability in an organization using Mitel’s VoIP phone system. However, it was able to do that by using a backdoor that had been installed five months before the ransomware was launched. One theory is an initial access broker compromised the victim’s IT infrastructure and installed the backdoor, then notified the Lorenz group. Whatever the explanation, it’s another example of why continuously searching for backdoors as well as patching vulnerabilities is essential.

Ransom demands linked to denial of service attacks aren’t talked about a lot. However,…


MPs to debate landmark IoT security law


The proposed Product Security and Telecoms Infrastructure Bill will receive its second reading in the House of Commons today in a debate to be opened by current digital secretary Nadine Dorries, as it takes a significant step forward towards becoming law.

The bill – which mandates improved cyber protections for smartphones and other smart or connected internet of things (IoT) devices – has been years in the making. Its scope has expanded over time to include new provisions that will supposedly spur the roll-out of full-fibre broadband services by making it easier for operators to upgrade and share infrastructure, and reform the process of how they go about negotiating with landowners to whose property they need access.

At its core it places strict new requirements on the manufacturers and retailers of connected consumer technology, banning easy-to-guess default passwords programmed onto devices, creating a vulnerability-reporting system, and forcing manufacturers to be upfront about how long their products will receive security updates.

Failure to comply could result in fines of up to £10m, or 4% of global turnover, and up to £20,000 for every day in the case of ongoing breaches.

“Whether it’s your phone, smart speaker or fitness tracker, it’s vital that these devices are kept secure from cyber criminals,” said Dorries.

“Every product on our shelves has to meet all sorts of minimum requirements, like being fire resistant or [noting if it’s] a choking hazard, and this is no different for the digital age where products can now carry a cyber security risk. 

“We are legislating to protect people across the UK and keep pace with technology as it transforms our everyday lives,” she said.

The bill will apply to any device that can access the internet, including smartphones and smart TVs, games consoles, security cameras and connected alarms, smart toys and baby monitoring kit, smart home hubs and voice activated assistants (such as Alexa) and connected appliances such as washing machines and fridges.

Also in scope will be products that, while they can connect to other devices, do not directly access the internet themselves – such as smart lightbulbs…


Rising Ransomware Attacks Spur Debate Over Whether Cyber Insurance Is to Blame


Last week Delaware County, Pennsylvania, joined a growing list of entities struck by ransomware. The Philadelphia suburb announced that it paid $500,000 to regain full access to its network after hackers encrypted police reports, payroll and expense databases and other files. However, the ransom payment was covered by the municipality’s insurance, according to local media.

Ransomware payment coverage is fairly common in most cybersecurity insurance policies as more organizations, including municipalities and law firms, fall victim to cyberattacks. But some observers argue such payments are incentivizing hackers and creating more ransomware opportunities.
