Department of Justice Seizes $2.3 Million in Cryptocurrency Paid to the Ransomware Extortionists Darkside
The United States suffered 65,000 ransomware attacks last year – or over seven an hour. And it will likely get worse.
What was previously seen as a nuisance is fast becoming a national security problem as cybercriminals target key parts of the country’s infrastructure. A recent attack on Colonial Pipeline sparked panic buying that emptied many gas stations across the Southeast, while another attack on JBS raised fears about the domestic beef supply.
In an unprecedented sting operation, the U.S. Federal Bureau of Investigation (FBI) and Australian Federal Police (AFP) ran an encrypted chat service called ANoM for nearly three years to intercept 27 million messages exchanged between criminal gang members globally.
Dubbed Operation Ironside (AFP), Operation Greenlight (Europol), and Operation Trojan Shield (FBI), the long-term covert probe into transnational and serious organized crime culminated in the arrests of 224 offenders on 526 charges in Australia, with 55 luxury vehicles, eight tons of cocaine, 22 tons of cannabis and cannabis resin, 250 firearms, and more than $48 million in various currencies and cryptocurrencies seized in raids around the world.
A total of more than 800 arrests have been reported across 18 countries, including New Zealand, Germany, and Sweden. Europol called it the “biggest ever law enforcement operation against encrypted communication.”
Several recent cyber incidents targeting critical infrastructure prove that no open society is immune to attacks by cybercriminals. The recent shutdown of a key US energy pipeline marks just the tip of the iceberg.
Critical infrastructure is becoming more dependent on networks of interconnected devices. For example, only a few decades ago, power grids were essentially operational silos. Today, most grids are closely interlinked — regionally, nationally, and internationally as well as with other industrial sectors. And in contrast to discrete cyberattacks on individual companies, a targeted disruption of critical infrastructure can result in extended supply shortages, power blackouts, public disorder, and other serious consequences.
Mobile phishing exposure doubled among financial services and insurance organizations between 2019 and 2020. Cyberattackers are deliberately targeting phones, tablets, and Chromebooks to increase their odds of finding a vulnerable entry point.
A single successful phishing or mobile ransomware attack can give attackers access to proprietary market research, client financials, investment strategies and cash or other liquid assets, according to a new Lookout research team report released May 6.
The Financial Services Threat Report disclosed that almost half of all phishing attempts tried to steal corporate login credentials. Other findings include that some 20 percent of mobile banking customers had a trojanized app on their devices when trying to sign into their personal mobile banking account.
Despite a 50 percent increase in mobile device management (MDM) adoption from 2019 to 2020, average quarterly exposure to phishing rose by 125 percent. Malware and app risk exposure increased by over 400 percent.
Seven months after the release of iOS 14 and Android 11, 21 percent of iOS devices were still on iOS 13 or earlier, and 32 percent of Android devices were still on Android 9 or earlier. That delay in users updating their mobile devices creates a window of opportunity for a threat actor to gain access to an organization’s infrastructure and steal data, according to the report.
The competition to dominate Africa’s artificial intelligence and critical infrastructure markets is geopolitical and Beijing is racing for the lead. During the past 20 years, China has been rapidly building its communications infrastructure and advancing data-surveillance capabilities globally, and has taken a strong interest in spearheading development of Africa’s technology markets. President Xi Jinping’s Belt and Road Initiative has been the primary conduit for China’s expansion on the continent.
When the BRI was first introduced in 2013, many African leaders shared Xi’s view that inadequate infrastructure was the greatest barrier to economic development. So far, 40 out of 54 African countries have signed BRI agreements.
Security researchers have discovered a way to leverage Apple’s Find My’s Offline Finding network to upload data from devices, even those that do not have a Wi-Fi or mobile network connection.
Using Bluetooth Low Energy, the data is being sent to nearby Apple devices that do connect to the Internet, and then sent to Apple’s servers, from where it can be retrieved at a later date.
The technique could be used to avoid the costs and power usage associated with mobile Internet, or to exfiltrate data from Faraday-shielded sites visited by iPhone users, according to researchers with Positive Security, a Berlin-based security consulting firm.
Ransomware attacks are exploding at a staggering rate, and so are the ransoms being demanded. Now experts are warning against a new threat — triple extortion — which means that attackers are expanding out to demand payments from customers, partners and other third parties related to the initial breach to grab even more cash for their crimes.
Check Point’s latest ransomware report found that over the past year, ransomware payments have spiked by 171 percent, averaging about $310,000 — and that globally, the number of attacks has surged by 102 percent.
“As the numbers reflect a golden attack technique, which combines both a data breach and a ransomware threat, it is clear that attackers are still seeking methods to improve their ransom payment statistics, and their threat efficiency,” Check Point said.
The threat from China, multi-faceted and severe, is foremost in a pack that includes Russian actions in Ukraine, Iranian nuclear efforts, and North Korea’s existing nukes, U.S. intelligence leaders told the Senate Intelligence Committee on Wednesday.
“We have now over 2,000 investigations that tie back to the Chinese government,” FBI Director Chris Wray said at the hearing. “On the economic espionage side alone, it’s a 1,300 percent increase over the last several years. We’re opening a new investigation on China every ten hours and I assure the committee it’s not because our folks don’t have anything to do with their time.”