Friday Five 7/9 | Digital Guardian

The Industry’s Only SaaS-Delivered Enterprise DLP

Our unique approach to DLP allows for quick deployment and on-demand scalability, while providing full data visibility and no-compromise protection.

No-Compromise Data Protection is:

  • Cloud-Delivered
  • Cross Platform
  • Flexible Controls

Digital Guardian's Blog

Friday Five 7/9

by Colin Mullins on Friday July 9, 2021

Contact Us
Free Demo

Ransomware negotiators, cyber risks to the financial system, and why traditional passwords are here to stay - catch up on all of the week's infosec news with the Friday Five!

1. Ransomware as a service: Negotiators are now in high demand by Charlie Osborne

Ransomware operators have begun hiring negotiators in their attempt to more effectively extort victims to pay their ransom. The increasingly lucrative ransomware business has evolved into what researchers describe as a typical corporate structure. The need for negotiators has emerged amid the desire to maintain margins as operations grow and the necessity for members who have conversational English as many of the victims are in the U.S. or U.K. The continued specialization in ransomware will make it a more potent threat to cyber defenders.

Read more

2. How REvil evolved into a ransomware collective capable of extorting Kaseya, JBS by Tim Starks 

This story tracks the growth of the REvil ransomware gang’s profile, an important read especially with the breach of the Kaseya software company dominating the news. Researchers estimate that the gang made $123 million in 2020 along with the $11 million it made in its high-profile attack on JBS this year. Even though REvil’s aggressive tactics and blustery style might draw more unwanted attention from government regulators and law enforcement, it’s a calculated strategy that if people are aware of REvil’s fearsome reputation, they may be more inclined to pay the ransom. The article also follows their history back to 2018, and as the most profitable ransomware gang, it’s worth understanding their progression.

Read more

3. Why the password isn't dead quite yet by Lily Hay Newman

In this article, Lily Hay Newman looks at why passwords are still an important part of security, despite advances in passwordless logins. For example, a thumbprint is a lot easier to use and harder to replicate than traditional passwords. There have also been advances in standalone physical tokens that in some cases can be used to login wirelessly without a password. Despite these new systems, traditional passwords will likely remain in use as they are a well-established habit that will be hard to break, and for the new systems to work, you need a new device, such as a smartphone, and at least one other device to verify, which supremely narrows the use case of new login technology.

Read more

4. Hacking Wall Street: Could a cyberattack disrupt the financial system by Kim Zetter 

The recent cyberattacks on critical infrastructure have reignited fears of a cyber-attack that could disrupt the financial industry. While there has been some public-private sector collaboration on cyber preparation and leadership from banks such as JPMorgan Chase, experts worry that there is not enough of a focus on industry-wide systems and vulnerabilities as opposed to individual companies. There are also unique risks in the financial sector, such as a cyberattack hitting on the “triple witching” Friday each quarter when stock options, futures, and index options all expire on the same day, which would make the devastation substantially worse. Even if you don’t work in the financial industry, as almost everyone has a vested interest in its continued smooth operation, it’s worth considering the full list of systematic risks examined in the story.

Read more

5. In crosshairs of ransomware crooks, cyber insurers struggle by Frank Bajak 

Lost in the larger story around ransomware is its impact on insurance companies. Larger cybercriminal gangs usually determine their targets by first hacking into a company that offers cyber insurance to see who can afford to pay a ransom. As attacks have ramped up 400% over the last year, so to have the losses for insurance companies as they payout insurance on breached companies. This surge has changed the cost benefit analysis of paying criminals and some insurance companies have started refusing to offer insurance for ransoms as it incentives criminal gangs. Other larger insurance companies have decided that instead of refusing coverage, they will raise premiums and perform extensive audits on the security of potential companies before writing policies. Keep an eye on the insurance market as changes in policy will serve as indicators in the continued ransomware fight.

Read more

Tags: Ransomware, Critical Infrastructure

Recommended Resources

  • Why Data Classification is Foundational
  • How to Classify Your Data
  • Selling Data Classification to the Business
  • How to simplify the classification process
  • Why classification is important to your firm's security
  • How automation can expedite data classification

Colin Mullins

Colin Mullins is a Social Media Marketing intern at Digital Guardian