Should organizations extorted by ransomware gangs pay their attackers? It’s a question that cuts to the heart of ransomware response. Some take what might be viewed as a pragmatic stance and say there is no right or wrong answer, and organizations should be free to make their own decision. On the other side is […]
There aren’t many certainties in cybercrime, but one that is often repeated is that malware is overwhelmingly a problem affecting computers running Microsoft Windows. This can sound like a statement of the obvious, but malware targets Windows because there are a lot more Windows computers to target—up to 80% of all desktops and laptops globally, […]
Ransomware is supposed to be about money, and only money. This view is backed by plenty of evidence. Almost without exception, ransomware attacks are commercial events rather than ones motivated by ideological or hacktivist aims. Despite this, every now and again exceptions pop up that counter this idea in ways that send ransomware analysts back […]
In November 2019, companies across the United States started receiving the following poorly written but still threatening email: In the past day we have come across data pertaining to company you work for: [company name]. Data contains all personal identifiable information for every employee that works for this company including yourself. Data was leaked around […]
Ferrari, the world-famous makers of elite sports cars, just suffered a significant data breach caused by ransomware. The news emerged in an apologetic letter sent in English to customers on March 20: “We regret to inform you of a cyber incident at Ferrari where a threat actor was able to access a limited number of […]
On Jan. 10, Britain’s Royal Mail was hit by a ransomware attack that will probably be used as an example in security conference slide presentations for years to come. On the surface, this was a fairly standard ransomware attack on a large company—in this case, the overseas mail department of a company that delivers around […]
