Lessons From the LockBit Takedown
The truly satisfying law enforcement takedown of the ransomware giant shows the value of collaborating — and fighting back.
Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.
Search across headline titles and summaries.
Background for this topic.
Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.
Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.
The truly satisfying law enforcement takedown of the ransomware giant shows the value of collaborating — and fighting back.
Legal Expert Jonathan Armstrong Unpacks Issues in Big Tech, Ransomware, AI and MoreIn the latest weekly update, legal expert Jonathan Armstrong joined three ISMG editors to discuss the Department of Justice's antitrust lawsuit against Apple, ransomware payment dilemmas and AI copyright infringement fears - highlighting the intricate legal issues shaping big tech and cybersecurity.
Amid COVID-19 Ransomware Woes, Sanaz Yashar's Frustration Sparked Zafran's BirthFaced with relentless cyberattacks and the shortcomings of existing defenses, Sanaz Yashar embarked on a journey to create a security risk and mitigation platform, transforming frustration into startup Zafran, which emerged from stealth Thursday with more than $30 million in funding.
Feds are offering cash for information to help them crack down on the ransomware-as-a-service group's cyberattacks against US critical infrastructure.
Flashpoint recorded a 34.5% rise in reported data breaches in 2023, with ransomware a major driver of this increase
Sensitive documents dumped on leak site amid claims of 3 TB of data stolen in total NHS Scotland says it managed to contain a ransomware group's malware to a regional branch, preventing the spread of infection across the entire institution.…
CISA will administer the new reporting requirements for cyber incidents and ransomware payments.
NHS Dumfries and Galloway confirmed that patient clinical data was leaked following the attack on its systems earlier in March 2024
Ransomware is quickly changing in 2024, with massive disruptions and large gangs shutting down. Learn from Flare how affiliate competition is changing in 2024, and what might come next. [...]
The days of cybercriminals having something of a moral compass are over The parent company of The Big Issue, a street newspaper and social enterprise for homeless people, is wrestling with a cybersecurity incident claimed by the Qilin ransomware gang.…
A new, improved variant on the group's malware combines fileless infection, BYOVD, and more to cause havoc in virtual environments.
ARPA-H joins the challenge, adds $20M to cash rewards Interview As ransomware gangs target critical infrastructure – especially hospitals and other healthcare organizations – DARPA has added another government agency partner to its Artificial Intelligence Cyber Challenge (AIxCC).…
This blog entry discusses the Agenda ransomware group's use of its latest Rust variant to propagate to VMWare vCenter and ESXi servers.
Mistakes years in the making tell a universal story that must not be ignored Opinion Quiz time: name one thing you know about the Library of Alexandria. Points deducted for "it’s a library. In Alexandria." Looking things up is cheating and you know it.…