Ransomware Attacks in 2022 – Things are NOT Getting Better: A Call to Arms

Share

The success of ransomware attacks in 2021 has only emboldened cyber threat actors around the globe to continue these nefarious attacks on innocent victims. Ransomware attacks are only going to be growing in 2022. This conclusion comes from a recent international partner advisory (Advisory) jointly issued by The Cybersecurity and Infrastructure Security Agency (CISA), the FBI and the NSA.

Continue reading “Ransomware Attacks in 2022 – Things are NOT Getting Better: A Call to Arms”

Log4j Vulnerability Prompts Insurance Commissioners to Issue Guidance

Share

On December 11, 2021, the Cybersecurity and Infrastructure Security Agency, in partnership with the FBI and NSA, announced a critical remote code execution vulnerability had been identified in the Apache Log4j software library. This vulnerability allowed a successful threat actor to take control of a network system and cause a variety of damage, including the ability to launch ransomware, steal and destroy victim information, deploy malware, and disrupt internal and infrastructure operational control. Insurance regulators from four states have recently issued guidance in response to the threat, and it is likely more insurance commissioners will follow suit.

Continue reading “Log4j Vulnerability Prompts Insurance Commissioners to Issue Guidance”

NIST Releases New “Cybersecurity Framework Profile for Ransomware Risk Management” to Battle Growing Threat of Ransomware Attacks

Share

Ransomware incidents continue to be on the rise, wreaking havoc for organizations globally. Ransomware attacks target an organization’s data or infrastructure, and, in exchange for releasing the captured data or infrastructure, the attacker demands a ransom. This creates a dilemma for organizations — the decision to pay the ransom, relying on the attacker to release the data as they say, or to reject the ransom demand and try to restore the data or operations on their own.

Continue reading “NIST Releases New “Cybersecurity Framework Profile for Ransomware Risk Management” to Battle Growing Threat of Ransomware Attacks”

Faegre Drinker on Law and Technology Podcast: The Growth and Evolution of Disruptionware

Share

Cyberattacks are an increasingly common presence in the news, and disruptionware has emerged as a popular — and particularly nefarious — type of attack. Disruptionware poses an especially troubling threat, because it attacks both an organization’s information technology and operational technology networks — often with highly destructive goals. In this episode of the Faegre Drinker on Law and Technology Podcast, host Jason G. Weiss sits down with Peter Baldwin to break down disruptionware attacks, the industries that are most susceptible to them, and what we can learn from high-profile incidents.

Continue reading “Faegre Drinker on Law and Technology Podcast: The Growth and Evolution of Disruptionware”

Disruptionware VII: The Evolution of Disruptionware and the Growth of Ransomware as a Service (RaaS)

Share

I have written multiple times about the danger of disruptionware to both Information Technology (IT) networks as well as Operational Technologies (OT) networks of victims globally. As discussed here, many different nefarious tools make up the disruptionware “tool kit.” These tools include, but are not limited to:

  • Ransomware
  • Wipers
  • Bricking capabilities tools
  • Automated components
  • Data exfiltration tools
  • Network reconnaissance tools

The most well-known and most used of all these tools is ransomware malware. Ransomware attacks have grown exponentially over the past few years. Dozens of ransomware gangs are launching ransomware attacks and terrorizing and extorting businesses throughout the world. This has included specific attacks against the U.S. energy sector as well as U.S. infrastructure projects.

Continue reading “Disruptionware VII: The Evolution of Disruptionware and the Growth of Ransomware as a Service (RaaS)”

Kaseya: The Latest High-Profile Ransomware Attack

Share

On July 2, 2021, Kaseya Ltd., a Florida-based firm that provides software tools to thousands of primarily small and mid-sized businesses, became the latest victim of a high-profile ransomware attack. The attack is believed to have affected as many as 1,500 of Kaseya’s customers throughout the world, including at least 200 businesses in the United States. The attackers, who have claimed association with the Russia-linked REvil ransomware gang, have demanded an astronomical $70 million ransom to restore services for affected businesses.

The Kaseya attack was particularly devastating and effective because it was a supply chain attack, meaning it targeted a type of software that many other companies use to manage and distribute software updates. Thus, the attack not only affected Kaseya, but also potentially all of its customers.

Continue reading “Kaseya: The Latest High-Profile Ransomware Attack”