Ransomware. Nearly every day, we learn about another major attack on companies such as JBS, Kaseya, and Quanta, a key supplier to Apple. Along with the increase in attacks, recent reports have shown the average ransomware recovery cost skyrocketed to $1.85 million this year. And, as companies have become more willing to accept attackers’ ransom demands to restore their mission-critical operations, the average ransomware payment has jumped to more than $170,000.
The Splunk Threat Research Team has assessed several samples of Trickbot, a popular crimeware carrier that allows malicious actors to deliver multiple types of payloads.
Since the Colonial Pipeline incident in May 2021, the word “ransomware” has been circulating in public opinion and even in recent remarks from President Biden and law enforcement, along with warnings about how this type of advanced cyberattack on companies and individuals should be avoided. But what exactly is ransomware? Why are we suddenly talking so much about it now?
Incidents of ransomware have been increasing and evolving steadily for years as financially motivated adversaries shift tactics when one is no longer profitable. Unfortunately, many organizations haven’t been able to adapt their security operations to keep up. Back in 2019, 60% of organizations told ESG that they experienced a ransomware attack that year, with 29% reporting that attacks happened at least on a weekly basis.
Hancitor continues to exploit fake DocuSign emails to lure new victims. Researchers from Cofense have discovered yet another campaign distributing it, and apparently, that’s not the only one.
The United States Department of State is offering a reward of up to $10 million for information leading to the identification of anyone, working for a foreign government, who participates in a cybercriminal attack against American critical infrastructure. The news of the reward comes at the same time as the White House announced it was setting up a ransomware task force following a series of high-profile attacks in the United States.
There are multitudes of advantages that the cloud has to offer to companies. These include making the task of security management more accessible. However, there are still many gray areas associated with the cloud and its implications for an organization’s overall security.