Security News
Survey of nearly 1,000 IT and security professionals shows 83% of organizations were targeted by ransomware attacks in the past year with a high degree of success, sounding alarming trends in attack frequency, severity, and consequences. Companies are suffering successful ransomware attacks multiple times within the same year - resulting in closures, layoffs, loss of revenue and customer trust, and cancelation of cyber insurance.
The sophistication of cyber threats has escalated dramatically, with malicious actors' deploying advanced tactics, techniques, and procedures to exploit vulnerabilities and evade detection, according to Darktrace. "The threat landscape continues to evolve, but new threats often build upon old foundations rather than replacing them. While we have observed the emergence of new malware families, many attacks are carried out by the usual suspects that we have seen over the last few years, still utilizing familiar techniques and malware variants," comments Nathaniel Jones, Director of Strategic Threat and Engagement at Darktrace.
The ransomware strain known as BlackSuit has demanded as much as $500 million in ransoms to date, with one individual ransom demand hitting $60 million. Attacks involving ransomware have targeted several critical infrastructure sectors spanning commercial facilities, healthcare and public health, government facilities, and critical manufacturing.
Ransomware groups continue to refine their craft, building and scaling business models that resemble legitimate corporate enterprises, according to Rapid7. Rapid7 researchers found three major clusters of ransomware families with similar source code, indicating that ransomware groups are focusing their development efforts on quality over quantity.
CISA and the FBI confirmed today that the Royal ransomware rebranded to BlackSuit and has demanded over $500 million from victims since it emerged more than two years ago. [...]
CISA and the FBI confirmed today that the Royal ransomware rebranded to BlackSuit and has demanded over $500 million from victims since it emerged more than two years ago. [...]
On Tuesday, IT and phone systems at McLaren Health Care hospitals were disrupted following an attack linked to the INC Ransom ransomware operation. [...]
The UK's Information Commissioner's Office (ICO) has announced a provisional decision to impose a fine of £6.09M ($7.74 million) on Advanced Computer Software Group Ltd (Advanced) for its failure...
The UK's data protection watchdog says it plans to fine a managed software provider to the NHS £6.09 million for failings that led to a 2022 ransomware attack. Advanced pulled its systems offline on August 4, 2022, in an incident that was eventually attributed to LockBit, back in its heydey which has thankfully now ended.
One of the US's largest car dealerships says the IT outage caused by CDK Global's June ransomware attack cost it approximately $30 million. Sonic Automotive filed a Form 8-K with the Securities and Exchange Commission on Monday alongside the release of its quarterly financials, confirming that like its rivals, it too was materially affected by the incident at CDK. Of the total $30 million drop in pre-tax GAAP income, $11.6 million of that related to additional compensation paid to staff, and possibly external contractors, who helped to handle the outage, it said.