Winning the War on Ransomware — Is Hope In Sight?

A report from the US Treasury estimates there were over half a billion dollars in ransomware payouts in the first half of 2021 alone. Law enforcement has struggled to get a handle on the situation, with many groups operating for years with no apparent fear of repercussions.

This year, federal law enforcement decided to try something new. In April, the Department of Justice created the Ransomware and Digital Extortion Task Force in a move to prioritize the “disruption, investigation, and prosecution of ransomware and digital extortion activity.” The task force is supposed to help share information between DOJ departments, as well as work with outside and foreign agencies. In the months since, it’s made some impressive prosecutions, but they’re just a sliver of the overall problem — and the bigger picture remains maddeningly unclear.

The attention from the task force has also been affecting ransomware groups’ ability to advertise to potential customers, the ones who often use their malware to infect targets. In a blog, Fokker discussed how cybercrime forums have become hesitant to play host to ransomware operators, banning them from advertising in the wake of the Colonial Pipeline attacks. Forum administrators, when they offered an explanation for the decision, said that ransomware was attracting a lot of unwanted attention — as one admin put it, according to The Record, the word “ransom” was now associated with “unpleasant phenomena — geopolitics, extortion, government hacking.” Another forum had a cheekier explanation for why it was banning posts about ransomware: “if it ran somewhere, then you should probably go catch it?”


Shopping Online? Hackers infect random WordPress plugins to steal credit cards – Another Supply Chain Attack

Credit card swipers are being injected into random plugins of e-commerce WordPress sites, hiding from detection while stealing customer payment details.

With the Christmas shopping season in full swing, card-stealing threat actors are stepping up their efforts to infect online shops with stealthy skimmers, so administrators ought to remain vigilant.

The latest trend is injecting card skimmers into WordPress plugin files, avoiding the closely-monitored ‘wp-admin’ and ‘wp-includes’ core directories where most injections are short-lived.
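
A defender-side check for the blind spot described above, as an added example that is not part of the original article: it records SHA-256 hashes of code files under the plugins directory and reports files added, removed or modified since that baseline. The `example-shop` plugin, its file names and the temporary site tree are constructed for the demonstration.

```python
import hashlib
import os
import tempfile

CODE_EXTENSIONS = (".php", ".js")  # file types a skimmer injection would touch


def snapshot(plugins_dir):
    """Map each plugin code file (path relative to plugins_dir) to its SHA-256."""
    digests = {}
    for root, _dirs, files in os.walk(plugins_dir):
        for name in files:
            if not name.lower().endswith(CODE_EXTENSIONS):
                continue
            path = os.path.join(root, name)
            rel = os.path.relpath(path, plugins_dir).replace(os.sep, "/")
            with open(path, "rb") as fh:
                digests[rel] = hashlib.sha256(fh.read()).hexdigest()
    return digests


def compare(baseline, current):
    """Return files added, removed or modified since the baseline was taken."""
    shared = baseline.keys() & current.keys()
    return {
        "added": sorted(current.keys() - baseline.keys()),
        "removed": sorted(baseline.keys() - current.keys()),
        "modified": sorted(p for p in shared if baseline[p] != current[p]),
    }


def demo():
    """Constructed sample: a tiny plugin tree that changes after the baseline."""
    with tempfile.TemporaryDirectory() as site:
        plugins = os.path.join(site, "wp-content", "plugins")
        os.makedirs(os.path.join(plugins, "example-shop"))
        checkout = os.path.join(plugins, "example-shop", "checkout.php")
        with open(checkout, "w") as fh:
            fh.write("<?php // original checkout code\n")
        baseline = snapshot(plugins)
        # Simulate unexpected changes: one file edited, one new file dropped in.
        with open(checkout, "a") as fh:
            fh.write("// appended after baseline\n")
        with open(os.path.join(plugins, "example-shop", "helper.php"), "w") as fh:
            fh.write("<?php // new file\n")
        return compare(baseline, snapshot(plugins))


if __name__ == "__main__":
    print(demo())
```

Keep the baseline off the web server and re-take it after each legitimate plugin update, so that any other difference stands out for review.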


Android malware infected more than 300,000 devices with banking trojans

A November report from ThreatFabric revealed that more than 300,000 Android users unknowingly downloaded malware with banking trojan capabilities that bypassed the Google Play Store restrictions.

The cybercriminals developed a method for successfully infecting Android users with different banking trojans, which are designed to gain access to user account credentials. The first step was to submit apps to the Google Play Store that had almost no malicious footprint and that actually looked like functional, useful applications, such as QR Code scanners, PDF scanners, cryptocurrency-related apps or fitness-related apps.

Once launched, these apps asked the user to install an update, which was downloaded from outside the Google Play Store (the sideloading technique) and installed the malicious content on the Android device.


Why Cloud Service Providers Are a Single Point of Failure

Amazon’s cloud computing unit on Tuesday was hit with an outage that took down some websites and services. The outage brought down popular services like Disney+ and Coinbase, along with critical internal tools at Amazon like its Flex and AtoZ apps used by warehouse and delivery workers.

Cloud computing has been a global megatrend for the past decade and enjoyed skyrocketing adoption, and there is no end in sight. As this transition continues, cloud services will assume a dominant position as IT innovators produce more efficient, flexible, and faster products. A forecast by analyst firm IDC estimates that total worldwide spending on cloud services will reach $1.3 trillion by 2025.

Digital transformation is happening more quickly than it otherwise might have because the COVID-19 pandemic has forced organizations everywhere to speed up their efforts and make remote working and collaboration a routine part of doing business. IT analyst firm Gartner notes that “simply put, the pandemic served as a multiplier for CIOs’ interest in the cloud.”

Consequently, the remote-work paradigm demands that global IP networks are constantly available and that companies safeguard their IT infrastructure and data assets from unauthorized access. However, a study conducted by insurance company Munich Re reveals that although almost everyone in the corporate world claims to be a fan of digitization, 81% of C-level respondents doubt their organization is adequately protected against cyber threats.


Rep. Banks Introduces Bill to Curb H-1B, End OPT, Job Outsourcing – Huge help for American high-tech jobs

“Big Tech is setting aside some of the most lucrative and valuable career opportunities in America and giving them exclusively to foreign guest workers,” said Rep. Jim Banks (R-IN), who chairs the conservative Republican Study Committee. He continued:

They’re cutting out Americans to save a few bucks. It’s domestic outsourcing. This shocking disregard for American workers and their role in our nation’s future is unpatriotic. We must fix Big Tech’s incentives, so they begin putting Americans first.

The two programs keep roughly 1 million foreign graduates, mostly Indians, in U.S. white-collar jobs. This imported workforce shoves at least one million Americans out of upwardly mobile careers, decent homes, and security for their families.

The pro-American bill will be opposed by business groups, universities, and by many Republicans and Democrats. Already, top Democrats have included a huge expansion of the visa worker programs in their Build Back Better bill.


