All Articles (2148)

Ransomware as a Service (RaaS) has a nice ring to its name, yet it spells big trouble for all businesses and government alike.  Targeted ransomware attacks are likely to increase in 2020 as RaaS continues to evolve into an even more profitable business model for cyber criminals.  This is one of the opinions expressed by numerous cyber security experts interviewed at RSA 2020.[1]  Dark web researchers are noticing a spike in demand for RaaS applications in hacker forums.  The ease of availability

Phishing attacks are the most common method of attacking any organization.  These types of attacks have been observed in all industries and government entities.  The latest infiltration campaign used by Iranian state sponsored hackers has been named, “The Return of the Charming Kitten.”  In this particular effort, hackers have targeted individuals in organizations that have been involved in economic and military sanctions against the Islamic Republic of Iran.  These targets include politicians,

A Massachusetts utility company power station was attacked by ransomware recently, and the company refused to meet attackers' ransom payment demands.  The Reading Municipal Light Department (RMLD) was targeted on 21 February 2020 by cyber-criminals trying to extort money by encrypting data in the station's computer system.  Unfortunately for them, management opted to hire an outside cyber threat consultant to help them deal with the ransomware infection instead of paying for the return of their

From script-kiddie hackers and sophisticated cybercriminals to, at times, even state-sponsored professional hackers, all are bent on the failure of consumers and companies to properly protect themselves.  Different motives, but the same outcome: network disruption and financial ruin.  Weak passwords, vulnerabilities in software and systems, and exposed sensitive information can all lead a hacker to compromise your accounts and data.  Recent reporting from our Red Sky Alliance securit

From our Friends at the US Multi-State (MS)-ISAC:

OVERVIEW  Multiple vulnerabilities have been discovered in PHP, the most severe of which could allow for arbitrary code execution.  PHP is a programming language originally designed for use in web-based applications with HTML content.  PHP supports a wide variety of platforms and is used by numerous web-based software applications. Successfully exploiting the most severe of these vulnerabilities could allow for arbitrary code execution in the con

Ransomware attacks have matured over the years, adopting more stealthy and sophisticated techniques, while at the same time fixing many of the implementation errors that earlier iterations had.  Many attacks are now gaining a new data leak component, which exposes companies to more than the traditional data loss associated with ransomware.  The trends observed by researchers over the past year indicate that these attacks are not going away and are likely to increase in frequency.  With the adven

The FBI’s Internet Crime Complaint Center (IC3) published its 2019 Internet Crime Report, which stated that cybercrime was behind individual and business losses of $3.5 billion, represented by 467,361 reported complaints received last year.  Under the subsection titled “Reported Complaints,” many individuals and businesses did not report their losses, and this dollar amount of losses is underreported.  IC3 says that it has received 4,883,231 complaints since its inception in May 2000, with an av

From our Friends and Colleagues at Dryad:
The coronavirus outbreak in China has forced several countries to resort to stringent quarantine checks in their battle to contain the spread and the measures are starting to have a knock-on effect on the global commodities shipping market.

Delays in loading and delivery of cargoes in the tanker, dry bulk and container shipping segments are being reported due to ships being forced to sit idle amid a lack of crew availability.
Merchant ships arriving in A

As of January 1, 2020, California became the first state to permit residents whose personal information is exposed in a data breach to seek statutory damages in amounts ranging from $100-$750 per incident, even in the absence of any actual harm, with the passage of the California Consumer Privacy Act (“CCPA”).  The class actions that follow are not likely to be limited to California residents, but will also include non-California residents pursuing claims under common law theories.  At Red Sk

In daily business, you use strong passwords, change them often, update your anti-virus software and use common sense to protect yourself from malicious attacks that could harm your home computer.  But what else can you do when you travel?

When you are traveling, you are unaware of many types of threats.  How can you keep your communications gear safe when you are not in the office or your own home?  According to a recent report, losses related to cybercrime are projected to exceed $6 trillion by 2

It is getting more expensive for organizations that are victims of ransomware attacks to recover.  The average cost more than doubled in the final quarter of 2019.  According to a recent report, an average total cost of negotiation, remediation and ransom payment is $84,116.  This amount is almost double the previous figure of $41,198.

This increase is the result not only of cybercriminals demanding higher ransom amounts, but also of the increase in the number of victims who are willing to pay the ranso

Does your company have $50 million to spare? That is how much a ransomware attack cost Norsk Hydro in the first quarter of 2019.  A total of 22,000 computers had their files forcibly encrypted across 40 countries in which the aluminum producer operates. Employees were using typewriters and manual production lines where possible to operate the business.  Norsk Hydro did not pay the hackers’ ransom and was completely honest about what happened. Its approach was praised by both law enforcement and

Europol.com

The new 2020 decade started with many twists and turns inside the Geo-Political (GEOPOL) World; specifically, the current Iran / US escalation of tensions and associated US sanctions.  This has raised cyber concerns with international governments and private sectors alike.  Researchers are providing various “warnings” to keep in mind when dealing with international political, business affairs, and hybrid terrorism.  The new attack phenomenon is the convergence of physical and cyber-a

Our friends and colleagues at Dryad Global, Experts in Global Issues and Maritime Security Risk Management, have provided us with their 2019 Global Security Review and 2020 risk assessment for the Shipping Industry.  Red Sky Alliance has been working closely with Dryad this past year and we have observed and appreciated their timely and actionable maritime intelligence reports.  This information is of extreme value to our members who operate in the Transportation Sector.

From Dryad: "Managed b

After the Russians were banned from the Olympics for another four years in a unanimous decision from the World Anti-Doping Agency (WADA), the immediate reaction from Russia was fury and denial.  So now everyone is waiting to see how Russia will respond.

In 2016, Red Sky Alliance analysts reported on the Russian retaliation when Russia was banned from the Olympics for steroid use.  2016 saw unprecedented Russian physical, cyber and physiological interference into the US presidential election, but

Summary

Red Sky Alliance recently learned of the defacement of multiple American websites by a self-proclaimed Iranian hacker as apparent revenge for the fatal US drone strike on Iranian General Qasem Soleimani.  Evidence indicates that these are low level attacks looking to target convenient and insecure targets.  The attacker, identifying as an Iranian hacker, posted a picture of General Soleimani on all of the defaced pages along with multiple social media accounts and a Gmail account; likely

A class action lawsuit was filed in California against TikTok, the Chinese social media platform developer, in November 2019.  The lawsuit claimed that the TikTok app was designed to “covertly tap into a massive array of private and personally-identifiable information” and used “non-standard encryption to conceal the transfer of such data from users’ devices to Defendants.”

The 46-page lawsuit text contained details about the data types that TikTok was collecting, including user-generated video

FBI Flash Bulletin / TLP GREEN

Unknown cyber actors have targeted multiple US and international businesses with Maze ransomware since early 2019.  Maze encrypts files on an infected computer’s file system and associated network file shares.  Once the victim has been compromised, but prior to the encryption event, the actors exfiltrate data.  After the encryption event, the actors demand a victim-specific ransom amount paid in Bitcoin (BTC) in order to obtain the decryption key.  An international