Security News
Cyber insurance isn't exactly driving organisations to improve their infosec practices, a think-tank has warned - and some insurers are thinking of giving up thanks to the impact of ransomware. "To date, the shortcomings of cyber insurance mean that its impact is ultimately more limited than policymakers and businesses might hope," concluded the Royal United Services Institute's latest report, Cyber Insurance and the Cyber Security Challenge.
A so-called "Pen-tester" for the financial cybergang known as FIN7 will spend seven years in the slammer after being convicted for payment-card theft. FIN7 is a well-known threat that's been circulating since at least 2015.
The cybercrime ring that was apprehended last week in connection with Clop ransomware attacks against dozens of companies in the last few months helped launder money totaling $500 million for several malicious actors through a plethora of illegal activities. "The group - also known as FANCYCAT - has been running multiple criminal activities: distributing cyber attacks; operating a high-risk exchanger; and laundering money from dark web operations and high-profile cyber attacks such as Cl0p and Petya ransomware," popular cryptocurrency exchange Binance said Thursday.
A ransomware attack targeting an Israeli company has led researchers to track a portion of a ransom payment to a website promoting sensual massages. "During our investigation of the infected machines, we came across what seemed to be a treasure trove of information stored in the Music folder. It consisted of the ransomware binary itself, along with several other files - some encrypted, some not - that we believe the threat actors used to gather intelligence and propagate through the network," explains Profero's and Security Joe's report.
Deductibility is a piece of a bigger quandary stemming from the rise in ransomware attacks, in which cybercriminals scramble computer data and demand payment for unlocking the files. A ransomware attack on Colonial Pipeline last month led to gas shortages in parts of the United States.
The FBI's director told lawmakers Thursday that the bureau discourages ransomware payments to hacking groups even as major companies in the past month have participated in multimillion-dollar transactions aimed at getting their systems back online. Besides the fact that such payments can encourage additional cyberattacks, victims may not automatically get back their data despite forking over millions, "and that's not unknown to happen," Wray said.
Even though law enforcement groups around the world urge ransomware victims not to pay up, Colonial apparently decided to hand over what was then $4.4 million in bitcoins anyway. Sadly, the value of Bitcoin has taken a tumble since last month, so even though 85% of the bitcoins involved in the blackmail payment were recovered, they're now worth about 50% of what they cost when Colonial purchased them to do its deal with the criminals.
The US Department of Justice has recovered the majority of the $4.4 million ransom payment paid by Colonial Pipeline to the DarkSide ransomware operation. On May 7th, Colonial Pipeline suffered a DarkSide ransomware attack that forced them to shut down their fuel pipeline operation.
Computer Services is participating in the FedNow Pilot Program to advance instant payments in the U.S. The program is designed to foster industry partnerships in development of the Federal Reserve's new real-time payments service. As part of the FedNow Pilot Program, CSI will support development, testing and adoption of the FedNow Service.
Ransomware victims are increasingly falling back on their cyber-insurance. Paid ransomware attackers almost $500,000, which the city announced would be mostly covered by insurance.