Cyber Security Today, Jan. 31, 2024 – A new ransomware strain found, and questions about the level of ransomware payments

Share post:

A new ransomware strain found, and questions about the level of ransomware payments.

Welcome to Cyber Security Today. It’s Wednesday, January 31st, 2024. I’m Howard Solomon, contributing reporter on cybersecurity for and in the U.S.

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

A new ransomware strain has been circulating for almost a year. According to a researcher at Netenrich, the group calls itself Alpha. Its data leak site lists six victims. Three firms are in the U.S., two in the U.K. and one is in Israel. The group is relatively new and still in the process of setting up operations. Victims are sent a personal decryption key to log into a messaging portal where they can negotiate a ransom. The gang says victim firms can upload three encrypted files that will be unscrambled as proof the decryptor they buy actually works.

There’s evidence that fewer organizations hit by ransomware are paying up. Coveware, which acts for firms in ransomware negotiations, says the average ransomware payment dropped over 2023. In fact it went down 33 per cent in the fourth quarter compared to what was paid in the third quarter. This may be due to better IT defences and backups, allowing some victims to ignore payment demands — although by the count of other companies 2023 was a record year for successful ransomware attacks. It also may be that more organizations just don’t trust crooks to keep their promises that stolen data will be deleted. We’ll see if the trend continues.

Another report issued this week has conflicting data. The survey of security and IT pros done by Cohesity suggests that despite pleas by governments not to pay ransomware gangs, organizations haven’t discarded the option. More than 90 per cent of respondents believe their company would pay a ransom to recover data and restore business processes. Nine in 10 respondents said their organization paid a ransom in the last two years. Over two-thirds of respondents believe their organization would be willing to pay over US$3 million to recover data.

Almost half of cybersecurity leaders in financial institutions believe their firm has been successfully hacked without being detected. That’s according to a report from Contrast Security. It surveyed infosec leaders in financial institutions to find out the state of cybersecurity in the sector. Among the findings: Lots of attacks by threat actors trying to steal corporate information, lots of attacks involving the destruction of data and lots of attacks on application programming interfaces. The report suggests financial institutions have to up their defensive game.

Artificial intelligence is coming to Android device users. Google’s Bard AI platform will be used to analyze your Google Messages and become a personal assistant. But will this be a privacy problem — particularly because messages will be sent to Google’s cloud for processing. An article on raises interesting questions. There’s a link to it here.

Security teams have to invest more in automation and internal training to combat knowledge gaps, and on improving the visibility of their IT environment. That’s the conclusion of security vendor Exabeam, which commissioned a global survey of IT pros in eight countries. Over 90 per cent of respondents believed they had a good or excellent ability to detect cyber threats. However almost 60 per cent of respondents said they experienced security incidents in the previous 12 months so significant they required extra resources to remediate. Also, respondents think they are only seeing about 66 per cent of their IT environments.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

The post Cyber Security Today, Jan. 31, 2024 – A new ransomware strain found, and questions about the level of ransomware payments first appeared on IT World Canada.
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs


Related articles

Cyber Security Today, Week in Review for week ending Friday, March 1, 2024

This episode features a discussion on how hard it is to kill a ransomware gang, Canada's proposed new online harms bill, why organizations still allow staff to use vulnerable software

Healthcare sector “stretched thin” in fight against cyber attacks warns CSO of Health-ISAC

In an interview Errol Weiss talks about the challenges facing hospitals a

Cyber Security Today, March 1, 2024 – Warnings to GitHub users and Ivanti gateway administrators, and more

This episode reports on a recommendation that enterprises drop Ivanti Policy Secure and Connect Secure devices because threat actors can get around mitigations for recent vulne

Hashtag Trending Mar.1- HP debacle; Humanoid robots closer to hitting our workplaces; Apple blew $10 billion on the electric car before pulling the plug

If rumours are true and this one should be, I started it, we have a special edition of the Weekend show where we talk about the evolution of the role of the CIO with two incredible CIOs as the CIO Association of Canada turns 20. Don’t miss it.  MUSIC UP Can HP make you love

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways