Joe Biden still hasn't responded to a Russian-linked ransomware attack after vowing in a meeting with Vladimir Putin last month to get tough on the Kremlin.The Homeland Security ranking member said: 'Adversaries like Russia are creating safe havens for bad actors and we must project strength'.is 'facing a time of reckoning' in relations with Russia when it comes to deterring from cyberattacks says huge REvil hack is a 'moment of reckoning' after Biden 'talked tough' with Putin - as ransom is lowered to $50million As the number of attacks increases in 2020, ransomware attacks are driven by the unrest caused by the Covid-19 epidemic has become lucrative for cybercriminals.EXCLUSIVE: Top Homeland Security Committee GOP Rep. These file-encrypting attacks continue unabated this year. The last few months have seen the only attack on the Colon Colonial Pipeline that forced the company to cut off most of its east coast – and its gas supply, a hack from meat supplier JBS that abruptly shut down its slaughterhouse. The world, and just this month IT supply chain Cassia was hit by a supply chain attack that saw hundreds of streams of people locked out of their systems. However, as ransom attacks continue to make headlines, it is almost impossible to understand their full impact, and as cybercriminals pay to demand their release – it is not known whether some decisions have been made. Jack Cable, a security architect for the Krebs Stamos Group who previously worked for the US Cybersecurity and Infrastructure Agency (CISA), is trying to solve that problem by launching a public release tracking website. “Through Katie Nichols’ tweet, I was inspired to start ransomware that no one really knows the full impact of cybercrime and ransomware in particular,” she told Cable TechCrunch. “After seeing that there is currently no single place for public data on rinsomware payments and that it is not very difficult to track bitcoin transactions, I started hacking it all together.” The website maintains an ongoing statistic of the ransom paid to cybercriminals on Bitcoin, thanks to the public record-keeping of transactions on the blockchain. Since the site is crowded, it includes data on self-reported incidents of ransomware attacks, which anyone can submit. However, to ensure that all reports are valid, a screenshot of the ransom payment needs to be taken for each submission and each case is reviewed by itself before it becomes publicly available. If the authenticity of an approved report is later questioned, it will be removed from the database. The already growing database, which does not include any personal or victim-identifying information, is available as a free download for the cybersecurity community and law enforcement officials, which will only hopefully help provide some much-needed public clarity about the current situation.The FBI notes in its annual IC3 report that ransomware is uniquely underreported, and its statistics can't really be trusted. Various blockchain analysis groups have the means to compile ransomware statistics, but only for a price. That is unfortunate, as the information would be invaluable as researchers hope to get a handle on the scope of ransomware and what could be done to prevent further outbreaks. "We don't have at least publicly comprehensive data sets for payments. And without that, it can be hard to gauge the impact of whether what we're doing makes a difference," said Jack Cable, a Krebs Stamos Group researcher. In his spare time Cable's working on Ransomwhere, an open visualization website analyzing Bitcoin wallet transactions. Cable formally launched the site last week, based on publicly available wallet information, user wallet submissions and bulk information donations from researchers. If the project goes well, Cable sees it as a means to evaluate the success of different ransomware prevention policies. "People have proposed different ways of combating ransomware via economic means, whether that's outright banning payments or other methods, such as Putin to get some of this under control. But we need to actually know how well things are working and whether these actions are changing the game," said Cable.īased on limitations in the amount of data Cable has been able to aggregate, the site currently tracks $60 million in ransomware transactions over the course of history. The FBI, in the statistic it worried was wildly underreported, saw $29 million in transactions last year alone. The blockchain analytics group Chainalysis pegs the yearly number at close to $350 million. The $60 million Cable can currently track is not a representational sample.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |