Who are the people the ransomware groups most rely on for their business model? Most commentators fall back on the conventional view that the ransomware industry’s main protagonists are the clever but amoral hacker masterminds looking to make big bucks. But occasionally we get a glimpse that what’s inside the criminality’s black box might be […]
Imagine a world where ransomware victims across the globe simply refused to pay their attackers. In theory, the attackers would quickly realize their extortion business model no longer made any sense. As has been widely observed, victims who pay attackers simply fuel the next wave of ransomware. It follows from this that as long as […]
Spend any time studying official cyberattack disclosures and two words that crop up with striking regularity are “sophisticated” and “targeted.” Every attack is said to be sophisticated just as every attack is either targeted or even highly targeted. These terms have been a common element in press releases and regulatory disclosures ever since cyberattack incidents […]
On Oct. 17, a triumphant message suddenly appeared on the official dark web leak page of the Trigona ransomware group. Later copied to X (formerly Twitter) by a group calling itself the Ukrainian Cyber Alliance, it read as follows: “Trigona is gone! The servers of the Trigona ransomware gang has been exfiltrated and wiped out.” […]
Readers of this blog won’t be surprised by the idea that there’s a lot of ransomware out and about these days. Exactly how much depends on which source is used as a reference point, but perhaps fretting about numbers and whether they’re increasing is to miss the point. What matters most is how we measure […]
In late September, the FBI sent a private industry notification warning organizations about a disturbing new dual ransomware attack trend: victims being hit by two or more ransomware strains in a single attack. This is ominous for at least three reasons. First, the FBI describes this as a trend—that is, something that’s more than an […]
