One of the US’s largest insurance companies reportedly paid $40 million to ransomware hackers
The Verge, Mitchell Clark
“If the $40 million figure is accurate, CNA’s payout would rank as one of the highest ransomware payouts….” Read More
This is how long hackers will hide in your network before deploying ransomware or being spotted
ZDNet, Liam Tung
“To put this in context, 11 days potentially provide attackers with approximately 264 hours for malicious activity, such as lateral movement, reconnaissance, credential dumping, data exfiltration, and more. Considering that some of these activities can take just minutes or a few hours to implement, 11 days provide attackers with plenty of time to do damage.” Read More
Colonial Pipeline hackers received $90 million in bitcoin before shutting down
CNBC, Ryan Browne
“The average payment from organizations was likely $1.9 million. ‘To our knowledge, this analysis includes all payments made to DarkSide, however further transactions may yet be uncovered, and the figures here should be considered a lower bound.’” Read More
Ransomware’s Dangerous New Trick Is Double-Encrypting Your Data
Wired, Lily Hay Newman
“But the rise of double encryption as a strategy raises the additional risk that a victim could pay, decrypt their files once, and then discover that they need to pay again for the second key. As a result, the threat of double encryption makes the ability to restore from backups more crucial than ever.” Read More
Ransomware attacks are only getting worse, DarkSide group “quits,” but that may just be a strategy
TechSpot, Adrian Potoroaca
“The main issue with ransomware attacks is the difficulty of catching the people responsible for them, as some of them reside in countries that can be described as cybercrime safe havens. A notable example is North Korea, which is said to have used cryptocurrency experts and hackers to steal billions of dollars, aiding its military ambitions and allowing it to evade US sanctions.” Read More
