Ransomware is now a board level discussion and continues to challenge every organization today. Ransomware attackers compromise applications and data to extort payment from victims. The best defense from ransomware is trustworthy backups. Unfortunately, attackers often compromise the path to recovery by deleting and...
As ransomware attacks continue to dominate headlines, Quentyn Taylor, a Canon director of information security, cautions organizations not to forget about "some of the other threats, like business email compromise," which continue to cripple organizations through financial and reputational damage.
ISMG editors discuss: U.S. Sen. Angus King on the need for the federal government to form a clear, declarative cyber deterrence strategy, how CISA is ramping up efforts to support critical infrastructure defenses and the potential implications of the U.S. blacklisting of Israeli spyware firms.
The latest edition of the ISMG Security Report features insight from U.S. Sen. Angus King on why the federal government needs to declare a clear response to cybercriminals in order to deter them. Also featured: Ransomware affiliates gain power and promoting diversity of thought in cybersecurity.
As the COVID-19 pandemic persists, cybersecurity threats and related risks continue to grow, including ransomware, external threats and especially those involving healthcare insiders, says Denise Anderson, president of the Health Information Sharing and Analysis Center.
CISA Director Jen Easterly and congressional leader John Katko, R-N.Y., agree that officials must take precautionary steps to identify "systemically important critical infrastructure" to reduce risks of pervasive supply chain cyberattacks.
Federal regulators are reminding healthcare organizations about the critical importance of addressing security risks involving legacy systems and devices - including specialty software and gear - that are often difficult for entities to replace. What steps should entities take?
How is the ransomware ecosystem set to evolve? Since some operations overreached - notably with DarkSide's hit on Colonial Pipeline - "what we're seeing … is that there is going to be a power balance shift," says McAfee's John Fokker, with more affiliates, not gang leaders, calling the shots.
The cyber actors suspected of being behind the deployment of ransomware strains such as LockerGoga, MegaCortex and Dharma, among others, are under arrest, after a joint operation involving law enforcement and judiciary agencies from eight countries. The actors are believed to have affected more than 1,800 victims.
Four ISMG editors discuss important cybersecurity issues, including law enforcement authorities' disruption of ransomware gang REvil's operations, how to collaborate as an industry to fight the surge in ransomware attacks hitting businesses, and increasing diversity and inclusion in the workplace.
The latest ISMG Security Report features the fallibility of ransomware gangs and why victims should always seek help from a reputable response firm, law enforcement or other qualified expert. Also featured: Data protection advice and why the remote work model might make securing data easier.
The U.S. Department of State will create a Bureau of Cyberspace and Digital Policy, led by a Senate-confirmed ambassador-at-large, to advance its cybersecurity diplomacy efforts, according to Secretary of State Antony Blinken. The move is a response to a challenging global threat landscape.
Will the notorious ransomware operation known as REvil, aka Sodinokibi, reboot yet again after someone apparently messed with its infrastructure? Experts suggest that the operation's brand is burned, and administrators will launch a new group. Many affiliates, meanwhile, already work with multiple groups.
The operators behind Groove ransomware are calling on other extortion gangs to join forces to attack the U.S. public sector, according to chatter seen on underground forums, reports malware research organization vx-underground, citing a blog posted by the gang on a Russian site.
What’s the ideal password policy?
Should you be emphasizing password length or complexity?
This guide will help determine a policy that’s strong enough to protect your business and thwart potential hackers, but not so complicated that employees will ignore it.
Download this guide and learn:
Why numbers and...