Security News

Two UK VoIP operators have had their services disrupted over the last couple of days by ongoing, aggressive DDoS attacks. South Coast-based Voip Unlimited has confirmed it has been slapped with a "Colossal ransom demand" after being hit by a sustained and large-scale DDoS attack it believes originated from the Russian cybercriminal gang REvil.

"Many schools cannot operate without their computer systems, and some schools have had to cancel classes due to ransomware attacks," said Paul Bischoff, privacy advocate at Comparitech. "Resolving a ransomware attack without paying the ransom takes about two weeks on average, which is far too long for kids to be out of school. So ransomware creates urgency that makes schools more likely to pay up."

So what are these unexpected places besides supply chain attacks? Kaseya, a lot of people would argue that's not a supply chain attack.

Ransom demands have grown substantially over the past year, smaller companies are increasingly targeted, and cyber criminals continue to take advantage of dislocations in how we work, according to...

To date, the No More Ransom repository of ransomware decryptors has helped more than 6 million victims recover their files, keeping nearly a billion euros out of the hands of cybercriminals, according to a Monday release. Launched five years ago, No More Ransom is maintained via cooperation between the European Cybercrime Centre and several cybersecurity and other types of companies, including Kaspersky, McAfee, Barracuda and AWS. Its purpose is to keep victims from handing over the cash that helps fuel more ransomware attacks, according to Europol.

No More Ransom is celebrating its 5th anniversary and the project says it has helped more than 6 million ransomware victims recover their files and prevented cybercriminals from earning roughly $1 billion. No More Ransom is a joint effort of law enforcement and cybersecurity companies whose goal is to help victims of ransomware attacks recover their files without having to pay the ransom demanded by criminals.

The No More Ransom project celebrates its fifth anniversary today after helping over six million ransomware victims recover their files and saving them almost €1 billion in ransomware payments. "The decryptors available in the No More Ransom repository have helped more than six million people to recover their files for free," the Europol said.

Rather, it's about why victims still pay for a key needed to decrypt their systems even when they have the means to restore everything from backups on their own. Experts say the biggest reason ransomware targets and/or their insurance providers still pay when they already have reliable backups is that nobody at the victim organization bothered to test in advance how long this data restoration process might take.

Amidst the massive supply-chain ransomware attack that triggered an infection chain compromising thousands of businesses on Friday, new details have emerged about how the notorious Russia-linked REvil cybercrime gang may have pulled off the unprecedented hack. The Dutch Institute for Vulnerability Disclosure on Sunday revealed it had alerted Kaseya to a number of zero-day vulnerabilities in its VSA software that it said were being exploited as a conduit to deploy ransomware.

The REvil ransomware gang is increasing the ransom demands for victims encrypted during Friday's Kaseya ransomware attack. With Friday's attack on Kaseya VSA servers, REvil targeted the managed service providers and not their customers.