Geek-Guy.com

Tag: ransomware attacks

The C-Suite Is Optimistic About Ransomware. Are They Right?

The majority of C-suite executives are confident in their organization’s protection against ransomware attacks. At least, that’s what a recent research report from ISC2 shows. In fact, just 15% express a lack of confidence. Does this confidence take into account the nearly 53% rise in double extortion ransomware attacks between January and February? Are the […]

The post The C-Suite Is Optimistic About Ransomware. Are They Right? appeared first on Security Intelligence.

Countdown to Ransomware: Analysis of Ransomware Attack Timelines

This research was made possible through the data collection efforts of Maleesha Perera, Joffrin Alexander, and Alana Quinones Garcia. Key Highlights The average duration of an enterprise ransomware attack reduced 94.34% between 2019 and 2021:  2019: 2+ months — The TrickBot (initial access) to Ryuk (deployment) attack path resulted in a 90% increase in ransomware […]

The post Countdown to Ransomware: Analysis of Ransomware Attack Timelines appeared first on Security Intelligence.

Black Basta Besting Your Network?

This post was written with contributions from Chris Caridi and Kat Weinberger. IBM Security X-Force has been tracking the activity of Black Basta, a new ransomware group that first appeared in April 2022. To date, this group has claimed attribution of 29 different victims across multiple industries using a double extortion strategy where the attackers […]

The post Black Basta Besting Your Network? appeared first on Security Intelligence.

ITG23 Crypters Highlight Cooperation Between Cybercriminal Groups

IBM Security X-Force researchers have continually analyzed the use of several crypters developed by the cybercriminal group ITG23, also known as Wizard Spider, DEV-0193, or simply the “Trickbot Group”. The results of this research, along with evidence gained from the disclosure of internal ITG23 chat logs (“Contileaks”), provide new insight into the connections and cooperation […]

The post ITG23 Crypters Highlight Cooperation Between Cybercriminal Groups appeared first on Security Intelligence.

New DOJ Team Focuses on Ransomware and Cryptocurrency Crime

While no security officer would rely on this alone, it’s good to know the U.S. Department of Justice is increasing efforts to fight cyber crime. According to a recent address in Munich by Deputy Attorney General Lisa Monaco, new efforts will focus on ransomware and cryptocurrency incidents. This makes sense since the X-Force Threat Intelligence […]

The post New DOJ Team Focuses on Ransomware and Cryptocurrency Crime appeared first on Security Intelligence.

Expert Insights: What’s Next for Ransomware?

Last year, many organizations stopped talking about when the workforce would be back full-time in the office. Instead, they focused on how we build a hybrid work model for the future. 2021 was active and interesting – for lack of a better word. There’s a lot to say in terms of cyber crime in general […]

The post Expert Insights: What’s Next for Ransomware? appeared first on Security Intelligence.

Ransomware Resilience Tops Findings in X-Force Threat Intelligence Index 2022

For the third year in a row, ransomware was the top attack type globally in 2021, despite some successes last year by law enforcement to take down ransomware groups. This was among the top findings of IBM Security’s latest research published in the tenth annual X-Force Threat Intelligence Index, a comprehensive overview of the global […]

The post Ransomware Resilience Tops Findings in X-Force Threat Intelligence Index 2022 appeared first on Security Intelligence.

Why Local Governments Remain at Risk of Cyber Crime

While big-name incidents fill the headlines, local governments and agencies face cyber crime at an alarming rate. In a very direct way, this impacts everyone’s life. The pandemic has forced state and local groups to deploy defenses at a distance over their networks and apps. But local security is often not encrypted and insecure, with […]

The post Why Local Governments Remain at Risk of Cyber Crime appeared first on Security Intelligence.

Active Ransomware Recovery: Five Steps for Success

When it comes to ransomware, it’s a matter of when not if. The data tells the tale. Both the volume and types of ransomware attacks are on the rise. Plus, attackers aren’t just after enterprises. They now target businesses of all shapes and sizes. That way, they increase their chances of breaching security perimeters and […]

The post Active Ransomware Recovery: Five Steps for Success appeared first on Security Intelligence.

What CISA Incident Response Playbooks Mean for Your Organization

What does the latest U.S. federal ruling on cybersecurity mean for you? The recent executive order and U.S. Cybersecurity & Infrastructure Security Agency (CISA) commentary on it could provide a good framework for defending against ransomware and other attacks. In its executive order on ‘Improving the Nation’s Cybersecurity,’ the White House directed the Secretary of […]

The post What CISA Incident Response Playbooks Mean for Your Organization appeared first on Security Intelligence.

Everything You Need To Know About Ransomware Attacks and Gangs In 2022

Ransomware is a lucrative business for criminals. It is paying off, and it is working.  According to a recent Trend Micro report, a staggering 84% of US organizations experienced either a phishing or ransomware attack in the last year. The average ransomware payment was over $500,000. Bad actors want to keep cashing in. So they’re […]

The post Everything You Need To Know About Ransomware Attacks and Gangs In 2022 appeared first on Security Intelligence.

2021 Manufacturing and Supply Chain Security Roundup

In 2020, ransomware actors demanded $17 million from a laptop maker and $34 million from a Taiwanese electronics contract company. The past two years have also delivered major disruptions for supply chains. The pandemic pushed supply chain attack issues front-and-center, with disruptions up 67% in 2020 and problems expected to persist as global markets adjust to the ‘new […]

The post 2021 Manufacturing and Supply Chain Security Roundup appeared first on Security Intelligence.

Ransomware Attackers’ New Tactic: Double Extortion

Need another reason to defend against ransomware instead of ending up having to find a solution other than paying it? Double extortion may be it. So, what is double extortion? When did it start? With this tactic, ransomware actors steal a victim’s data before their malware strain activates its encryption routine. They then have the […]

The post Ransomware Attackers’ New Tactic: Double Extortion appeared first on Security Intelligence.

Roundup: Ransomware, the Future of the Cloud and Cyber Careers

Digital threats can have physical consequences. As we’ve seen this year, the United States government is taking the threat of ransomware seriously. That’s especially the case when it comes to physical infrastructure. If your business ⁠— like many — lives at the intersection of the Internet of Things and the things that make our world […]

The post Roundup: Ransomware, the Future of the Cloud and Cyber Careers appeared first on Security Intelligence.

Understanding the Adversary: How Ransomware Attacks Happen

IBM Security X-Force Incident Response (IR) has responded to hundreds of ransomware incidents across every geography and industry. As we have taken time to analyze these incidents, a clear pattern has emerged. Although we observe dozens of ransomware groups in operation across the globe, many with multiple affiliate groups working under them, most ransomware actors […]

The post Understanding the Adversary: How Ransomware Attacks Happen appeared first on Security Intelligence.

Rising Cyber Insurance Premiums Highlight Importance of Ransomware Prevention

No insurance premiums saw greater growth in the second quarter of 2021 than those related to cybersecurity. According to the Council of Insurance Agents & Brokers, cyber insurance premiums grew more than a quarter (25.5%) during that period. That’s well above the 17.4% increase witnessed by umbrella insurance and an average of 8.3% growth across […]

The post Rising Cyber Insurance Premiums Highlight Importance of Ransomware Prevention appeared first on Security Intelligence.

A New Cybersecurity Executive Order Puts the Heat on Critical Infrastructure Suppliers

Ransomware. Five years ago, the cybersecurity community knew that term well, although among others it was far from dinner table conversation. Times have changed. Since early 2020, ransomware has hit a slew of headlines. People inside and outside of the security industry are talking about it, and many have experienced the ransomware pain firsthand. The […]

The post A New Cybersecurity Executive Order Puts the Heat on Critical Infrastructure Suppliers appeared first on Security Intelligence.

From Thanos to Prometheus: When Ransomware Encryption Goes Wrong

IBM Security X-Force researchers have recently reverse-engineered Prometheus ransomware samples as part of ongoing incident response operations. X-Force has found that samples that infected organizational networks featured flawed encryption. This allowed our team to develop a fast-acting decryptor and help customers recover from the attack without a decryption key. While rare, ransomware developers can make […]

The post From Thanos to Prometheus: When Ransomware Encryption Goes Wrong appeared first on Security Intelligence.

2021 Cyber Resilient Organization Study: Rise of Ransomware Shows the Need for Zero Trust and XDR

“How many millions did you pay threat actors in a ransomware attack?” “Which investments most significantly improved cyber resiliency for your organization?” “Do you have a cybersecurity incident response plan that’s applied consistently across your enterprise?” The answers to these and other key questions produced several notable findings in the latest 2021 Cyber Resilient Organization […]

The post 2021 Cyber Resilient Organization Study: Rise of Ransomware Shows the Need for Zero Trust and XDR appeared first on Security Intelligence.

Data Security: How Data Activity Monitoring Protects Against Ransomware

Ransomware is an attack on your data. Can you say that your approach to preventing ransomware is focused on data? Organizations are becoming more aware of the chaos that ransomware can create — to the tune of $4.62 million in escalation, notification, lost business and response costs, according to the 2021 Cost of a Data […]

The post Data Security: How Data Activity Monitoring Protects Against Ransomware appeared first on Security Intelligence.

Detections That Can Help You Identify Ransomware

One of the benefits of being part of a global research-driven incident response firm like X-Force Incidence Response (IR) is that the team has the ability to take a step back and analyze incidents, identifying trends and commonalities that span geographies, industries and affiliations. Leveraging that access and knowledge against the ransomware threat has revealed […]

The post Detections That Can Help You Identify Ransomware appeared first on Security Intelligence.

LockBit 2.0: Ransomware Attacks Surge After Successful Affiliate Recruitment

After a brief slowdown in activity from the LockBit ransomware gang following increased attention from law enforcement, LockBit is back with a new affiliate program, improved payloads and a change in infrastructure. According to IBM X-Force, a major spike in data leak activity on the gang’s new website indicates that their recruitment attempts have been […]

The post LockBit 2.0: Ransomware Attacks Surge After Successful Affiliate Recruitment appeared first on Security Intelligence.

Dissecting Sodinokibi Ransomware Attacks: Bringing Incident Response and Intelligence Together in the Fight

Ransomware actors are specializing, collaborating and assisting each other to conduct sophisticated attacks that are becoming increasingly difficult to prevent. Combating these groups effectively similarly requires a team approach — specialization, understanding tactics and techniques and how to counter them and cutting off activity at its source. Arguably, it has never been more imperative that […]

The post Dissecting Sodinokibi Ransomware Attacks: Bringing Incident Response and Intelligence Together in the Fight appeared first on Security Intelligence.

What Has Changed Since the 2017 WannaCry Ransomware Attack?

The cybersecurity world is still feeling the effects of the 2017 WannaCry ransomware attack today. While the majority of the damage occurred in the weeks after May 12, 2017, WannaCry ransomware attacks actually increased 53% from January 2021 to March 2021. While researching my in-depth article WannaCry: How the Widespread Ransomware Changed Cybersecurity, I learned […]

The post What Has Changed Since the 2017 WannaCry Ransomware Attack? appeared first on Security Intelligence.