Cyber Security Today, Feb. 9, 2024 – A record US$1 billion paid to ransomware gangs last year, and more

A record US$1 billion paid to ransomware gangs last year, and more.

Welcome to Cyber Security Today. It’s Friday, February 9th, 2024. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.

Organizations paid out more than $1 billion to ransomware gangs last year. That’s according to numbers compiled by Chainalysis. And that’s just the cash. It doesn’t include the clean-up costs victims paid — and, the report notes, victims who didn’t pay had to cover those business and recovery costs as well. The willingness of organizations to pay is the main reason why ransomware gangs survive and expand, despite arrests, convictions and the takedowns of some gangs’ IT infrastructure. One strategy of many gangs: Fewer attacks but targeting big organizations that can afford to pay big money to get access back to stolen or scrambled data.

One ransomware gang pulled in an estimated US$100 million by not executing ransomware: That was the Cl0p group, which exploited a vulnerability in the MOVEit file transfer application to steal data from over 1,000 organizations. At that scale data theft was more efficient than running ransomware.

According to a separate report this week issued by the NCC Group, three new ransomware groups were detected in December alone. The number of successful ransomware attacks in 2023 rose to a record 4.667 cases.

Meanwhile on Thursday the U.S. State Department announced a US$10 million reward for information leading to the identification of key members of the Hive ransomware gang. It’s also offering US$5 million for information leading to the arrest or conviction of anyone linked to the Hive gang. The FBI took down the gang’s IT infrastructure 12 months ago.

Ivanti has found another vulnerability in its Connect Secure and Policy Secure gateways, as well as its ZTA gateway. The patch was quietly released for customers on January 31st and is only publicly being announced now. IT administrators that haven’t plugged this hole by now had better get cracking.

Want to download the LastPass password manager for your iPhone? Beware of an app impersonating the real one on the Apple App Store. Despite Apple’s attempts to keep malware out of the store, this one snuck in. The fake can be identified by its name: LassPass, instead of LastPass.

The U.S, has created an Artificial Intelligence Safety Institute Consortium. Its goal is to unite AI creators and users, academics, industry researchers and others to help develop and deploy trustworthy AI applications. This follows President Joe Biden’s Executive Order of last October requiring developers of the most powerful AI systems to share their safety test results with the federal government.

Later today the Week in Review podcast will be out. Terry Cutler of Cyology Labs and I will discuss some news headlines from the past seven days.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.