Ransomware

Cyber criminals eye big players for higher payouts, warns Moody's

While ransomware attacks continue to grow in frequency and ransom demands, the share of victims willing to comply with hackers is steadily declining, making larger firms more attractive targets

NPCI reestablishes connectivity with C-Edge following ransomware attack

C-Edge, a joint venture between State Bank of India (SBI) and Tata Consultancy Services (TCS), is a technology service provider that offers services to cooperative and regional rural banks

Cyberattack compromised data centre; won't pay $8 mn ransom: Indonesia

Indonesia's national data centre has been compromised by a hacking group asking for a $8 million ransom that the government won't pay, authorities said Monday. The cyberattack has disrupted services of more than 200 government agencies at both the national and regional levels since June 20, said Samuel Abrijani Pangerapan, the director general of informatics applications with the Communications and Informatics Ministry. Some government services have returned immigration services at airports and elsewhere are now functional but efforts continue at restoring other services such as investment licensing, Pangerapan told reporters. The attackers have held data hostage and offered a key for access in return for the $8 million ransom, said PT Telkom Indonesia's director of network & IT solutions, Herlan Wijanarko, without giving further details. Wijanarko said the company, in collaboration with authorities at home and abroad, is investigating and trying to break the encryption that ...

Massive int'l police operation takes down ransomware networks, 4 arrested

Police coordinated by the European Union's justice agency have taken down computer networks responsible for spreading ransomware via infected emails, in what they called the biggest ever international operation against the lucrative form of cybercrime. The European Union's judicial cooperation agency, Eurojust, said Thursday that police arrested four high value suspects, took down more than 100 servers and seized control of over 2,000 internet domains. The huge takedown this week involved coordinated raids in Germany, the Netherlands, France, Denmark, Ukraine, the United States and United Kingdom, Eurojust said. The operation followed a massive takedown in 2021 of a botnet called Emotet, Eurojust said. A botnet is a network of hijacked computers typically used for malicious activity. Dutch police said in a statement that the financial damage inflicted by the network on governments, companies and individual users is estimated to run to hundreds of millions of euros (dollars). Milli

64% firms report ransomware attacks in India; 65% opt to pay ransom: Report

Cyber Security in India: A report by Sophos found that 65% of those hit by ransomware were inclined to pay the ransom to recover the data with the average cost for data being $1.35 million

Indian businesses saw 235,472 ransomware incidents from Jan-Dec 2023

In 2023, India witnessed ransomware attacks against different organisations - a major healthcare institution, government departments, Indian telecom company, as well as power and utility company

US plans to push other countries not to pay hacker ransoms ahead of meeting

The aim of the statement is to change that calculus, Neuberger said. "Ransom payments are what's driving ransomware," she said. "That's the reason we think it's so needed."

FBI dismantles malware system that took millions in ransom globally

US officials estimated that, since its creation in 2008, Qakbot had infected around 200,000 computers in the US and 700,000 globally

Akira Ransomware: What makes this ransomware a national-level threat?

Incidents of ransomware and other cyber attacks should be reported to the Indian Computer Emergency Response Team (CERT-In)

CERT-In cautions internet users against ransomware 'Akira' attack

An Internet ransomware virus 'Akira' that steals vital personal information and encrypts data leading to extortion of money from people has been reported in the cyberspace, the country's federal cyber security agency has said in a latest advisory. This computer malware is targeting Windows and Linux-based systems, it said. "A recently emerged ransomware operation dubbed Akira is reportedly active in cyberspace. This group first steals the information from victims, then encrypt data on their systems and conducts double extortion to force the victim into paying the ransom. "In case the victim does not pay, they release their victim's data on their dark web blog," the Indian Computer Emergency Response Team (CERT-In) said in a latest advisory to Internet users. The agency is the central technology arm to combat cyber attacks and guards the cyber space against phishing and hacking assaults and similar online attacks. It said the ransomware group is "known to access victim environments

Ransomware criminals dump kids' private files online after school hacks

The confidential documents stolen from schools and dumped online by ransomware gangs are raw, intimate and graphic. They describe student sexual assaults, psychiatric hospitalisations, abusive parents, truancy even suicide attempts. Please do something, begged a student in one leaked file, recalling the trauma of continually bumping into an ex-abuser at a school in Minneapolis. Other victims talked about wetting the bed or crying themselves to sleep. Complete sexual assault case folios containing these details were among more than 300,000 files dumped online in March after the 36,000-student Minneapolis Public Schools refused to pay a USD 1 million ransom. Other exposed data included medical records and discrimination complaints. Rich in digitised data, the nation's schools are prime targets for far-flung criminal hackers, who are assiduously locating and scooping up sensitive files. Often strapped for cash, districts are grossly ill-equipped not just to defend themselves but to

73.7% of healthcare firms pay ransomware demand globally: Research

Healthcare organisations had a 73.7 per cent likelihood of paying a ransomware demand, and they are also the fourth most targeted sector by ransomware attacks (13 per cent) globally, a new report said

73 per cent of Indian firms report being ransomware victim in 2023: Report

About 77 per cent of ransomware attacks against surveyed organisations succeeded in encrypting data, but only 44 per cent paid the ransom to recover their data, the report said

Cyber alert against Royal ransomware that attacks health, education sectors

The Indian cyber security agency has issued a warning against "Royal ransomware" virus that attacks critical sectors like communications, healthcare, education and even individuals and seeks pay-off in Bitcoins for not leaking personal data in the public domain. The Indian Computer Emergency Response Team or CERT-In has stated in a latest advisory that this Internet spread ransomware sneaks in through phishing emails, malicious downloads, abusing RDP (remote desktop protocol) and other forms of social engineering. This ransomware, cyber experts told PTI, was first detected in January 2022 and it got active sometime around September last year even as the US authorities issued advisories against its spread. Royal ransomware is targeting multiple crucial infrastructure sectors, including manufacturing, communications, healthcare, education, etc. or individuals. The ransomware encrypts the files on a victim's system and attackers ask for ransom payment in bitcoin," the advisory ...

Ransomware attacks, human error main cause of cloud data breaches: Report

Half of IT professionals surveyed in India believe that security threats are increasing in volume or severity

Sun Pharma may incur revenue loss for ransomware incident on March 2

Sun Pharma Advanced Research Company may incur expenses in connection with incident; India was the second most attacked country for ransomware in the APAC-Japan region in 2022

Hackers actively exploiting VMware bug in massive ransomware campaign

France's computer emergency response team (CERT-FR) has warned that hackers have been targeting 'VMware ESXi' servers since February 3

Ransomware attacks in Europe target old VMware: Cybersecurity agencies

Cybersecurity agencies in Europe are warning of ransomware attacks exploiting a 2-year-old computer bug as Italy experienced widespread internet outages. The Italian premier's office said on Sunday night the attacks affecting computer systems in the country involved ransomware already in circulation" in a product made by cloud technology provider VMware. A Friday technical bulletin from a French cybersecurity agency said the attack campaigns target VMware ESXi hypervisors, which are used to monitor virtual machines. Palo Alto, California-based VMware fixed the bug back in February 2021 but the attacks are targeting older, unpatched versions of the product. The company said in a statement Sunday that its customers should take action to apply the patch if they have not already done so. Security hygiene is a key component of preventing ransomware attacks, it said. The US Cybersecurity and Infrastructure Security Agency said Sunday it is working with our public and private sector par

Hive Ransomware seized after a global sting by US-German law enforcement

Hive ransomware was seized after a joint US-German law enforcement crackdown that thwarted $130 million in demands for payment from more than 1,500 victims around the world

AIIMS cyber attack originated in China, all servers retrieved now: MoHFW

AIIMS cyber attack: The Intelligence Fusion and Strategic Operations (IFSO) unit of the Delhi Police on November 25 had registered a case of extortion and cyber terrorism