X-Industry

Ransomware has been a cyber security issue for the past several years and somewhat hits its peak - with the Colonial Pipeline ransomware attack.  Ransomware is defined as a form of malicious software that is designed to restrict users from accessing their computers or files stored on computers until they pay a ransom to cybercriminals.

Ransomware typically operates via the cryptovirology methods or using cryptography (encryption) to design powerful malicious software.  The software then uses sym

Robinhood was known for “Stealing from the Rich, and Giving to the Poor.”  Not so in the last two years.  For the second time Robinhood Markets Inc. has been attacked by cyber criminals.  Robinhood said personal information of about 7 million people, which is approximately a third of its customers, was compromised in a data breach last week.  The bad actors then demanded a ransom payment.  The intruder obtained email addresses of about 5 million people as well as full names for a separate group

Area Maritime Security Committees 2020 Annual Report – Challenges, Suggestions, Accomplishments, and Best Practices.  The Office of Port and Facility Compliance is pleased to announce the publication of a consolidated report[1] on the status and work completed in 2020 by Area Maritime Security Committees.  Area Maritime Security Committees 2020 Annual ReportArea Maritime Security Committees 2020 Annual Report.[2]

Area Maritime Security Committees (AMSCs) provide a valuable forum to discuss and a

During October 2021, the cyber sector celebrated the 18^th year of the Cybersecurity Awareness Month, which was previously known as National Cybersecurity Awareness Month.  Under the slogan “Do Your Part #BeCyberSmart”, the Cybersecurity and Infrastructure Security Agency (CISA) together with the National Cyber Security Alliance (NCSA) each year encourage individuals and organizations to own their role in protecting cyberspace by emphasizing personal accountability and the importance of taking pr

Activity Summary - Week Ending on 5 November 2021:

• Red Sky Alliance identified 18,221 connections from new IP’s checking in with our Sinkholes
• Analysts identified 5,681 new IP addresses participating in various Botnets
• Sality remains the top Malware Variant at 16191 Observation
• UpdateAgent Variant (Wizard Update)
• NPM Library Hijacked
• Black Friday and Cyber Monday
• Squid Games
• High/Low Risk Countries
• Nuclear Ransomware
• Lockean in France
• Tobacco Company being Hit

Link to full report: IR-21-309-00

Cybersecurity researchers are warning about a rise in cyber criminals going after mobile devices as a means of gaining entry to networks.  There has been a surge in mobile phishing attacks targeting the energy sector as cyber attackers attempt to break into networks used to provide services including electricity and gas.

The energy industry is highly critical, providing people with vital services required for everyday use.  That role makes it a prime target for cyber criminals.  That risk was de

The secure messaging service Signal[1] has released the details of a search warrant it received from the Santa Clara, California Police which shows the efforts US law enforcement agencies will go to force online platforms into disclosing the personal information of their users.  In the search warrant, the police sought to get the name, street address, telephone number, and email address of a specific Signal user, which is not necessarily unusual.  It also wanted billing records, the dates of whe

CISA issued Binding Operational Directive (BOD) 22-01, Reducing the Significant Risk of Known Exploited Vulnerabilities to evolve the approach to vulnerability management and keeping pace with threat activity.  The directive establishes a CISA managed catalog of known exploited vulnerabilities and requires federal civilian agencies to identify and remediate these vulnerabilities on their information systems.

Although BOD 22-01 requires action from federal civilian agencies only, CISA strongly re

Cyber threat actors must hate children this year.  Ferrara Candy the company that makes Nerds, Laffy Taffy, Now and Laters, SweetTarts, Jaw Busters, Nips, Runts and Gobstoppers announced that it was hit with a ransomware attack just weeks before it prepares for one of its biggest holidays, Halloween. The Illinois-based company released a statement that on 09 October 2021, they "disrupted a ransomware attack" that encrypted some of their systems. 

"Upon discovery, we immediately responded to secu

Activity Summary - Week Ending on 27 October 2021:

• Red Sky Alliance identified 36,141 connections from new IP’s checking in with our Sinkholes
• Analysts identified 41,071 new IP addresses participating in various Botnets
• Sality remains the top Malware Variant at 32074 times seen
• Harvester Part II
• Vulnerability on Confluence Server
• EntroLink
• Russia, Russia, Russia
• Iranian Gas Stations
• Walmart
• COP = Climate Activism escalation
• Climate and Animal Rights Activists join Forces to eliminate Meat

Link

The prevalence of ransomware has had a devastating impact on businesses over the past few years, with insurance underwriters seeing increasingly large ransomware payouts.  As a result, some core cyber security hygiene fundamentals are being required by insurers to qualify for coverage.   Many companies wrongly assume that having backups in the cloud can prevent or reduce the impacts of a ransomware attack.   For example, secure cloud backup has become a hard and fast requirement. Most cyber insu

A recent bipartisan report by the US Senate’s Homeland Security and Governmental Affairs Committee shows that key government agencies have made little progress in terms of cybersecurity over the past two years.  A report published in 2019 found that eight federal agencies failed to meet even the basic cybersecurity standards and protocols. Two years later, cybersecurity at those agencies was again analyzed and the findings are as described in the new report “stark.”

The new report, titled “Feder

Federal law enforcement officials announced on 26 October 2021 that a wide-ranging, global illicit drug crackdown yielded 150 arrests and the seizure of more than $31.6 million in cash and virtual currencies.  The 10-month law enforcement initiative called Operation Dark HunTOR, after the encrypted Internet tool, was conducted in partnership with international counterparts.  The operation produced 234 kilograms (500 lbs.) of seized drugs.  Of those arrested, 65 were in the US and the remaining w

Microsoft has teamed up with Intel and Goldman Sachs to push for hardware security improvements that could help to mitigate supply chain risks.  Working under the auspices of the non-profit Trusted Computing Group (TCG), the companies have created a new Supply Chain Security workgroup that will aim to bring in experts from across the tech sphere.

The TCG argued that malicious and counterfeit hardware is particularly difficult to detect as most organizations don’t have the tools or in-house knowl

Creating human-like AI is about more than mimicking human behavior technology must also be able to process information, or ‘think’, like humans too if it is to be fully relied upon.  New research, published in the journal Patterns and led by the University of Glasgow’s School of Psychology and Neuroscience, uses 3D modeling to analyze the way Deep Neural Networks are part of the broader family of machine learning process information, to visualize how their information processing matches that of

Auto manufacturers cannot afford to penny-pinch on cyber security and should manage risk from the very beginning of the design process and across the software development lifecycle and supply chain.  Cyber security affects our everyday lives, from the small-scale phishing emails you receive in your inbox to the ransomware attack that shut down the Colonial Pipeline earlier this year and caused panic and a run on fuel.  And it’s not just fuel that can be affected by cybersecurity attacks, but als

When a business, government agency or any other organization gets hit by ransomware and opts to pay a ransom to its attacker in exchange for a decryption key or some other promise, on average it pays $140,000.  This is the average amount disclosed by ransomware incident response firm Coveware, based on thousands of incidents it investigated from July through August 2021.

In a new report detailing Q3 trends, Coveware says that the average ransom payment remained largely steady, compared to Q2, wh

Ukrainian authorities have detain a criminal gang who laundered funds for Russian hacking groups.  Ukraine’s national police detained suspects on 25 October 2021, for stealing funds from cryptocurrency wallets and laundering profits for cybercrime organizations.   

The arrests took place as part of a joint investigation with US authorities, the Ukrainian National Police (NPU) said in a press release.  An undisclosed number of suspects were detained following house searchers across the country.

A

Activity Summary - Week Ending 22 October 2021:

• Red Sky Alliance identified 22,569 connections from new IP’s checking in with our Sinkholes
• Analysts identified 594 new IP addresses participating in various Botnets
• Sality remains the top Malware Variant at 20279 times seen
• FontOnLake Malware
• Tanglebot
• Harvester APT
• LightBasin - China
• Missouri Teacher’s Pension System
• Sinclair Broadcast Group
• “Huawei on Wings”
• Rising Hackers in Vietnam and Turkey

Link to full report: IR-21-295-001_weekly_295.pdf