On the surface, ransomware – malicious software designed to block access to a computer system until a sum of money is paid – appears to be off to yet another ruthless start in 2023 as one of the leading types of malware. Recent victims of public attacks in North America include industries such as health care, communication, education, and even government offices and municipalities.
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has identified and designated Mikhail Matveev for his role in ransomware attacks back 2021. When the U.S. sanctions a country, a business, or a group, the intent is to A) confiscate any and all property owned by the designee within the U.S. or in the possession of a U.S. person, and B) add the designee to the Specially Designated Nationals and Blocked Persons (SDN) List.
Most malware security researchers encounter in the wild is written in C or C++. These languages provide low-level system access and control, plus performance, allowing threat actors to create highly efficient and stealthy code. But that doesn’t mean cybercriminals are limited to those two languages. SecurityScorecard recently reverse-engineered the Vjw0rm worm written in JavaScript and the Java-based STRRAT remote access trojan (RAT).
SeroXen is a new Remote Access Trojan (RAT) that showed up in late 2022 and is becoming more popular in 2023. Advertised as a legitimate tool that gives access to your computers undetected, it is being sold for only $30 for a monthly license or $60 for a lifetime bundle, making it accessible.
The US healthcare sector continues to be aggressively targeted by ransomware operators. Royal and BlackCat are two of the more recent – and highly sophisticated – ransomware threats. These two new flavors of ransomware pose serious potential impacts on the healthcare sector, but there are appropriate mitigation and defense strategies that organizations can take to protect against them.
Read also: IT analyst poses as ransomware group to hijack ransom payment, iSpoof founder gets 13 years in prison, and more.
There is still a long way to go in the quest for equal representation in cybersecurity. While Women’s History Month and International Women’s Day are a important catalysts for discussions aimed at addressing the issue, we should not limit efforts to a limited time of the year. It’s a goal we should turn our attention to 365 days of the year.
Whitworth University is a small private Christian university located in Spokane, Washington. The school manages information for more than 3,000 students each year, and all that data was put at risk when the school was hit by a ransomware attack. The unexpected attack caused the students to lose personal data and put them at serious risk of an identity theft attack. This university earns approximately $150 million in revenue annually and maintains a staff of over 720 people.
