Cyber Security Today, Feb. 9, 2024 – A record US$1 billion paid to ransomware gangs last year, and more

Share post:

A record US$1 billion paid to ransomware gangs last year, and more.

Welcome to Cyber Security Today. It’s Friday, February 9th, 2024. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

Organizations paid out more than $1 billion to ransomware gangs last year. That’s according to numbers compiled by Chainalysis. And that’s just the cash. It doesn’t include the clean-up costs victims paid — and, the report notes, victims who didn’t pay had to cover those business and recovery costs as well. The willingness of organizations to pay is the main reason why ransomware gangs survive and expand, despite arrests, convictions and the takedowns of some gangs’ IT infrastructure. One strategy of many gangs: Fewer attacks but targeting big organizations that can afford to pay big money to get access back to stolen or scrambled data.

One ransomware gang pulled in an estimated US$100 million by not executing ransomware: That was the Cl0p group, which exploited a vulnerability in the MOVEit file transfer application to steal data from over 1,000 organizations. At that scale data theft was more efficient than running ransomware.

According to a separate report this week issued by the NCC Group, three new ransomware groups were detected in December alone. The number of successful ransomware attacks in 2023 rose to a record 4.667 cases.

Meanwhile on Thursday the U.S. State Department announced a US$10 million reward for information leading to the identification of key members of the Hive ransomware gang. It’s also offering US$5 million for information leading to the arrest or conviction of anyone linked to the Hive gang. The FBI took down the gang’s IT infrastructure 12 months ago.

Ivanti has found another vulnerability in its Connect Secure and Policy Secure gateways, as well as its ZTA gateway. The patch was quietly released for customers on January 31st and is only publicly being announced now. IT administrators that haven’t plugged this hole by now had better get cracking.

Want to download the LastPass password manager for your iPhone? Beware of an app impersonating the real one on the Apple App Store. Despite Apple’s attempts to keep malware out of the store, this one snuck in. The fake can be identified by its name: LassPass, instead of LastPass.

The U.S, has created an Artificial Intelligence Safety Institute Consortium. Its goal is to unite AI creators and users, academics, industry researchers and others to help develop and deploy trustworthy AI applications. This follows President Joe Biden’s Executive Order of last October requiring developers of the most powerful AI systems to share their safety test results with the federal government.

Later today the Week in Review podcast will be out. Terry Cutler of Cyology Labs and I will discuss some news headlines from the past seven days.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

The post Cyber Security Today, Feb. 9, 2024 – A record US$1 billion paid to ransomware gangs last year, and more first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Abuse of valid accounts by threat actors hits a high, says IBM

Attackers are finding that obtaining valid credentials is an easier route to achieving their goals, s

Cyber Security Today, Feb. 21, 2024 – A patch warning from ConnectWise, the latest ransomware news, and more

This episode reports on a report comparing business email compromise attacks against ransomware

Hashtag Trending Feb.21- LockBit website goes down; Microsoft takes on Nvidia; Online backlash against OpenAI

An international effort has brought down the notorious LockBit ransomware gang, Microsoft has developed its own tech to replace Nvidia and a huge backlash against OpenAI on social media.    All this and more on the “Jeez, you take one long weekend and the world explodes” edition of Hashtag Trending. I’m your host Jim Love,

Hashtag Trending Feb.21- LockBit website goes down; Microsoft takes on Nvidia; Online backlash against OpenAI

An international effort has brought down the notorious LockBit ransomware gang, Microsoft has developed its own tech to replace Nvidia and a huge backlash against OpenAI on social media.    All this and more on the “Jeez, you take one long weekend and the world explodes” edition of Hashtag Trending. I’m your host Jim Love,

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways