Bleeping Computer: Hive claims ransomware attack on Tata Power, begins leaking data

Bleeping Computer: Hive claims ransomware attack on Tata Power, begins leaking data. “Hive ransomware group has claimed responsibility for a cyber attack disclosed by Tata Power this month. A subsidiary of the multinational conglomerate Tata Group, Tata Power is India’s largest integrated power company based in Mumbai. In screenshots seen by BleepingComputer, Hive operators are seen posting data they claim to have stolen from Tata Power, indicating that the ransom negotiations failed.”

Purdue University: As ransomware attacks increase, new algorithm may help prevent power blackouts

Purdue University: As ransomware attacks increase, new algorithm may help prevent power blackouts. “No single power utility company has enough resources to protect the entire grid, but maybe all 3,000 of the grid’s utilities could fill in the most crucial security gaps if there were a map showing where to prioritize their security investments. Purdue University researchers have developed an algorithm to create that map.”

Kyiv Post: Russian Citizens Wage Cyberwar From Within

Kyiv Post: Russian Citizens Wage Cyberwar From Within. “Earlier today, Oct. 2, Kyiv Post was contacted by hackers who identified themselves as part of the National Republican Army (NRA). As Kyiv Post has reported before, the NRA is an organization of Russian citizens seeking the overthrow of the Putin Government. The NRA hackers explained to Kyiv Post that they had executed an advanced ransomware attack on the network of Unisoftware, a Russian software development company known for the development and implementation of web applications, desktop systems, cloud, and API solutions.”

Bleeping Computer: Google says former Conti ransomware members now attack Ukraine

Bleeping Computer: Google says former Conti ransomware members now attack Ukraine. “Google says some former Conti cybercrime gang members, now part of a threat group tracked as UAC-0098, are targeting Ukrainian organizations and European non-governmental organizations (NGOs). UAC-0098 is an initial access broker known for using the IcedID banking trojan to provide ransomware groups with access to compromised systems within enterprise networks.”

Bleeping Computer: Hackers attack UK water supplier with 1.6 million customers

Bleeping Computer: Hackers attack UK water supplier with 1.6 million customers. “South Staffordshire Water, a company supplying 330 million liters of drinking water to 1.6 consumers daily, has issued a statement confirming IT disruption from a cyberattack. As the announcement explains, the safety and water distribution systems are still operational, so the disruption of the IT systems doesn’t impact the supply of safe water to its customers or those of its subsidiaries, Cambridge Water and South Staffs Water.”

Bleeping Computer: Ransom payments fall as fewer victims choose to pay hackers

Bleeping Computer: Ransom payments fall as fewer victims choose to pay hackers. “In Q2 2022, the average ransom payment was $228,125 (up by 8% from Q1 ’22). However, the median ransom payment was $36,360, a steep fall of 51% compared to the previous quarter. This continues a downward trend since Q4 2021, which represented a peak in ransomware payments both average ($332,168) and median ($117,116).”

CNN: Justice Department seizes $500K from North Korean hackers who targeted US medical organizations

CNN: Justice Department seizes $500K from North Korean hackers who targeted US medical organizations. “The US Justice Department seized approximately half a million dollars that North Korean government-backed hackers had either extorted from US health care organizations or used to launder ransom payments, deputy Attorney General Lisa Monaco said Tuesday as she touted an aggressive US strategy to claw back money for victims of ransomware attacks.”

Bleeping Computer: US govt warns of Maui ransomware attacks against healthcare orgs

Bleeping Computer: US govt warns of Maui ransomware attacks against healthcare orgs. “The FBI, CISA, and the U.S. Treasury Department issued today a joint advisory warning of North-Korean-backed threat actors using Maui ransomware in attacks against Healthcare and Public Health (HPH) organizations. Starting in May 2021, the FBI has responded to and detected multiple Maui ransomware attacks impacting HPH Sector orgs across the U.S.”

Route Fifty: The Changing Face of Ransomware

Route Fifty: The Changing Face of Ransomware. “Attackers are increasingly targeting organizations they think will deliver the greatest rewards. They vary their ransom demands based on the victim’s estimated financial position, the quality of data exfiltrated, whether the victim has cyber insurance and the reputation of the ransomware group, the study said.”

Bleeping Computer: Macmillan shuts down systems after likely ransomware attack

Bleeping Computer: Macmillan shuts down systems after likely ransomware attack. “Publishing giant Macmillan was forced to shut down their network and offices while recovering from a security incident that appears to be a ransomware attack. The attack reportedly occurred over the weekend, on Saturday, June 25th, with the company shutting down all of their IT systems to prevent the spread of the attack.”

MakeUseOf: What Is Leakware? Here’s What You Need to Know

MakeUseOf: What Is Leakware? Here’s What You Need to Know. “Leakware attackers will threaten to release the confidential information they’ve stolen from the victim(s) if their demands are not met. These demands are usually financial and come in the form of a typical ransom (which is why leakware is a kind of ransomware). Leakware attackers will often ensure that the data they steal is highly sensitive to put as much pressure on the victim as possible.”

Comparitech: Ransomware attacks on US schools and colleges cost $3.56bn in 2021

Comparitech: Ransomware attacks on US schools and colleges cost $3.56bn in 2021. “In 2021, 67 individual ransomware attacks affected 954 schools and colleges, potentially impacting 950,129 students. We estimate that these attacks cost education institutions $3.56 billion in downtime alone. Most schools will have also faced astronomical recovery costs as they tried to restore computers, recover data, and shore up their systems to prevent future attacks.”

Krebs on Security: Ransomware Group Debuts Searchable Victim Data

Krebs on Security: Ransomware Group Debuts Searchable Victim Data. “Cybercrime groups that specialize in stealing corporate data and demanding a ransom not to publish it have tried countless approaches to shaming their victims into paying. The latest innovation in ratcheting up the heat comes from the ALPHV/BlackCat ransomware group, which has traditionally published any stolen victim data on the Dark Web. Today, however, the group began publishing individual victim websites on the public Internet, with the leaked data made available in an easily searchable form.”