Security News

The COVID-19 pandemic continues to shape the face of cybercrime in 2020, with ransomware and attacks on internet of things devices seeing sharp increases in the U.S. for the first half of the year. According to SonicWall's 2020 Cyber Threat Report ransomware attacks are up, particularly in the U.S., where they have more than doubled year-over-year.

The first half of 2020 saw malware decline 24% globally, but IoT attacks and ransomware are up, with the US seeing a staggering 109% rise in ransomware, according to new data from the security company SonicWall. In the first six months, global malware attacks fell 24%, to 3.2 billion from 4.8 billion in the year-earlier period, according to SonicWall's midyear threat report.

In a new report released on Wednesday, enterprise security provider Balbix looks at the top threats cited in a survey of security professionals. For many organizations, limited visibility into their security holes and an inability to prioritize security issues are creating greater risk.

Cloud software provider Blackbaud has admitted that it paid cybercriminals to regain control of data following a ransomware attack in May 2020. Last week, the company published a notice on a ransomware attack that it fell victim to in May 2020, claiming that it was able to discover and stop the assault, but not before some data was exfiltrated by the attackers.

The developers of the Mac malware named ThiefQuest continue to improve their creation and researchers noticed that the latest versions of the threat no longer include ransomware functionality. Security experts noticed that the ransomware functionality was incomplete and the main goal of the malware was likely not to help threat actors make a profit from the ransom paid by victims.

Blackbaud, a cloud software provider specializing in fundraising suites for charities and educational institutions, quietly paid off a ransomware attacker - and then got around to telling customers about it a full two months later. "After discovering the attack, our Cyber Security team - together with independent forensics experts and law enforcement - successfully prevented the cybercriminal from blocking our system access and fully encrypting files; and ultimately expelled them from our system," said Blackbaud.

A total of seven ransomware families have been found to target processes associated with operational technology software, and FireEye this week published an analysis of these pieces of malware. Many ransomware families are designed to kill certain types of running processes.

A report released Wednesday by security provider Positive Technologies discusses the trends of ransomware attacks during the first quarter of 2020. For its "Cybersecurity Threatscape Report for Q1 2020," Positive Technologies found that more than a third of malware-based cyberattacks during the quarter were ransomware attacks.

Citrix has taken the unusual step of rebutting dark web discourse that alleges its networks have been compromised. A Wednesday post penned by CISO Fermin J Serna says the company is aware of a "Threat intelligence report circulated concerning claims made on the dark web by a threat actor alleging compromise of the Citrix network, exfiltration of data, and attempts to escalate privileges to launch a ransomware attack."

Every time ransomware moves out of the news cycle, someone will ask whether cybercriminals have moved on to other, perhaps more lucrative, activities. In contrast to Ransomware 1.0, big-game ransomware attacks are well planned, targeted and have a greater chance of earning the perpetrators money.