Tag Archive for: Hitting

Ransomware Payments Exceed $1 Billion in 2023, Hitting Record High After 2022 Decline


Chainalysis got everyone’s attention with their new report. They write, in part:

2023 marks a major comeback for ransomware, with record-breaking payments and a substantial increase in the scope and complexity of attacks — a significant reversal from the decline observed in 2022, which we forewarned in our Mid-Year Crime Update.

Ransomware payments in 2023 surpassed the $1 billion mark, the highest number ever observed. Although 2022 saw a decline in ransomware payment volume, the overall trend line from 2019 to 2023 indicates that ransomware is an escalating problem. Keep in mind that this number does not capture the economic impact of productivity loss and repair costs associated with attacks. This is evident in cases like the ALPHV-BlackCat and Scattered Spider’s bold targeting of MGM resorts. While MGM did not pay the ransom, it estimates damages cost the business over $100 million.

The following figure from their report captures 2023 in terms of the number of different groups, the median ransom payment and frequency of payments per group. A text description is provided in their report.

Source: Chainalysis

Read more at Chainalysis.


Hitting the Books: How hackers turned cybercrime into a commercial service


As anyone who regularly games online can attest, DDoS (distributed denial of service) attacks are an irritatingly common occurrence on the internet. Drawing on the combined digital might of a geographically diffuse legion of zombified PCs, hackers are able to swamp game servers and prevent players from logging on for hours or days at a time. The problem has metastasized in recent years as enterprising hackers have begun to package their botnets and spamming tools into commercial offerings, allowing any Tom, Dick, and Script-kiddie rental access to the same power.

It’s a big internet out there, and bad actors are plentiful. There are worse things than spammers and scammers swimming in the depths of the Dark Web. In his new book, Fancy Bear Goes Phishing: The Dark History of the Information Age, in Five Extraordinary Hacks, Dr. Scott J. Shapiro, Professor of Law and Philosophy at Yale Law School, traces the internet’s illicit history through five of the biggest attacks on digital infrastructure ever recorded.


FANCY BEAR GOES PHISHING: The Dark History of the Information Age, in Five Extraordinary Hacks by Scott J. Shapiro. Published by Farrar, Straus and Giroux. Copyright © 2023 by Scott J. Shapiro. All rights reserved. 


Crime as a Service

Not all Denial of Service attacks use botnets. In 2013, the Syrian Electronic Army (SEA)—the online propaganda arm of the brutal Bashar al-Assad regime—hacked into Melbourne IT, the registrar that sold the nytimes.com domain name to The New York Times. The SEA altered the DNS records so that nytimes.com pointed to SEA’s website instead. Because Melbourne IT contained the authoritative records for the Times’ website, the unauthorized changes quickly propagated around the world. When users typed in the normal New York Times domain name, they ended up at a murderous organization’s website.

Conversely, not all botnets launch Denial of Service attacks. Botnets are, after all, a collection of many hacked devices governed by the attacker remotely, and those bots can be used for many purposes. Originally, botnets were used for spam. The Viagra and Nigerian Prince emails that used to clutter inboxes were sent from thousands…


Real-life nonviolent ‘RoboCops’ hitting the streets of NYC in city safety overhaul 


It’s not just science fiction anymore.

Several nonviolent, real-life “RoboCops” are hitting the streets of New York City, as Mayor Eric Adams and the NYPD unveiled the latest technological upgrade for New York’s Finest.

The new devices — resembling, in many ways, the bots typically seen in sci-fi classics such as the 1987 action movie — are replete with new GPS gadgets, and include the return of a robot dog that the mayor said is “out of the pound” after being retired in 2021 due to outrage from advocates. 

Police Commissioner Keechant Sewell announced the three new additions on April 11 in what she called a pilot program that includes large security robots that somewhat resemble Daleks from the popular British television series Doctor Who; a robot dog that officials say will be instrumental in dealing with explosives; and a GPS gun that, like a James Bond gadget, is used to shoot a tracking device onto the back of a fleeing vehicle.

“To safeguard our modern city and a forward-looking world it is essential that our officers are equipped with the tools, training and technology necessary to do that job safely and effectively,” Sewell said. “The NYPD has always stepped forward. In every era, we have maximized public and officer safety through emerging technology. And that approach continues today.”

The large, wheeled robot is dubbed the K-5 autonomous security robot and is equipped with a camera. The technology is being leased by the NYPD and will be used in indoor areas, such as in transit, as well as outdoors.

K-five autonomous security robot resembles a Dalek from the TV Show Dr. Who. Photo by Dean Moses

According to Chief of Department Jeffrey Maddrey, these machines are equipped with artificial intelligence to provide real-time incident notifications to first responders. These robots are also being used on college campuses and shopping malls throughout the country, he added.

The second and perhaps most controversial piece of kit is the “Digidog,” a four-legged android that police say will be invaluable when dealing with hostage situations, bomb threats, or…


Netskope: How to Avoid Malware Hackers Hitting Cloud Apps


New research by Netskope, a secure access service edge (SASE) specialist, found that more than 400 unique cloud applications delivered malware in 2022, nearly triple the number from the prior year.

Where’s the Malware Originating From?

The Santa Clara, California-based company’s data also showed that some 30% of all cloud malware downloads in 2022 originated from Microsoft OneDrive. Netskope’s Cloud & Threat Report for 2022 also found that more than 25% of users worldwide uploaded documents daily to Microsoft OneDrive, while 7% did so for Google Gmail and 5% for Microsoft SharePoint.

The drastic increase in active cloud users across a record number of cloud applications led to an increase in cloud malware downloads in 2022 from 2021, Netskope’s researchers said.

As Ray Canzanese, Netskope threat research director, explained:

“Attackers are increasingly abusing business-critical cloud apps to deliver malware by bypassing inadequate security controls. That is why it is imperative that more organizations inspect all HTTP and HTTPS traffic, including traffic for popular cloud apps, both company and personal instances, for malicious content.”

The Study, by the Numbers

In 2022, several geographic regions saw significant increases in the overall percentage of cloud vs. web-delivered malware compared to 2021, including:

  • Australia (50% in 2022 compared to 40% in 2021)
  • Europe (42% in 2022 compared to 31% in 2021)
  • Africa (42% in 2022 compared to 35% in 2021)
  • Asia (45% in 2022 compared to 39% in 2021)

In certain industries, cloud-delivered malware also became more prevalent worldwide:

  • Telecom (81% in 2022 compared to 59% in 2021)
  • Manufacturing (36% in 2022 compared to 17% in 2021)
  • Retail (57% in 2022 compared to 47% in 2021)
  • Healthcare (54% in 2022 compared to 39% in 2021)

Regarding Cyber Preparedness

Remote and hybrid work dynamics continue to pose multiple cybersecurity challenges, including how to securely provide users access to the company resources they need to do their jobs and how to scalably and securely provide users access to the internet.

Netskope recommends organizations take the following actions to avoid increased risk of…
