ESG quote

CyberSense® Ransomware News

Enterprise Times logo 272 1

Sept. 29, 2021 - Index Engines sees backups as a counter to ransomware


Sept. 6, 2021 - Five tough questions you need to answer about ransomware


Aug 24, 2021 - Is it Wrong to Pay a Ransom?Aug 24, 2021 - Is it Wrong to Pay a Ransom?


June 23, 2021 - Power2Protect Podcast Intelligent Ransomware Protection

Tech Republic

June 23, 2021 - How to prepare for a ransomware attack

toolbox logo

June 16, 2021 - Can Backup Data Be Trusted After a Ransomware Attack? 3 “I’s” for Steadfast Resiliency



June 7, 2021 - The Wild Wild West of Cybersecurity

Tech Republic

June 4, 2021 - First gas, now meat: Latest cybersecurity attack shows criminals are expanding their scope


May 27, 2021 - Backup Data is Critical when Recovering from a Cyberattack

yahoo homepage en US s f p bestfit homepage 2x

May 18, 2021 - Index Engines’ CyberSense Expands Support to Dell EMC PowerProtect Data Manager

Deloitte Logo

May 6, 2021 - Preparing for a Destructive Cyberattack

UK Tech News

April 16, 2021 - Content Indexing and Data Classification needed for Cyber Resiliency Backup Strategy

cyber logo

April 14, 2021 - Content Indexing and Data Classification needed for Cyber Resiliency Backup Strategy


April 14, 2021 -Research Firm Reviews Content Indexing and Data Classification as Part of Cyber Resiliency Strategy for Backup

Storage Newsletter

Feb. 23, 2021 - API-Based Developer’s Kit for CyberSense Analytics and Reporting Software

 BF black 300x92

Feb. 19, 2021 - This week in storage

TT20 ss 84x44

Feb. 17, 2021 - Index Engines' CyberSense SDK expands its third-party reach

cbuzzlogo new1

Feb. 17, 2021 - IE looks to stimulate partner integrations with CyberSense developers kit

yahoo homepage en US s f p bestfit homepage 2x

Feb. 16, 2021 - Amid Growing Ransomware Threats, Index Engines Releases Developer Kit for Integration of Data Integrity Software CyberSense

csa logo rgb 079e6ddcc112faad8b9d3fd3c64a7e78

Feb. 5, 2021 - 3 Critical Data Strategies for 2021

fox news logo

Jan. 8, 2021 - Ransomware Will Likely Get Worse in 2021

Digital Health

Dec. 9, 2020 - 5 Ransomware Predictions for the Healthcare IT Community logo

Nov 30, 2020 - 2021 Predictions: How to stay ahead of cyber criminals and protect your data


Nov 19, 2020 -The Right Data Integrity Approach Will Ramp Up Your Cyber Protection Strategy

Storage Reviews 2

Nov 1, 2020 - News Bits: Index Engines CyberSense


October 30, 2020 - Index Engines Interview on Ransomware Detection and Recovery

TT20 ss 84x44 

Oct. 28: Index Engines hones CyberSense for backup data protection  

cbuzzlogo new1

Oct. 28: Index Engines beefs up CyberSense ransomware detection and recovery software

Other Ransomware News

Ransomware is now a national security risk. This group thinks it knows how to defeat it

To help organisations recognise the threat posed by ransomware – no matter the sector their organisation is in – the RTF paper recommends that ransomware is designated a national security threat and accompanied by a sustained public-private campaign alerting businesses to the risks of ransomware, as well as helping organisations prepare for being faced with an attack.


Ransomware Reality Shock: 92% Who Pay Don’t Get Their Data Back

Ransomware is a business, a dirty, criminal business but one nonetheless. The gangs behind the attacks are well organized and used to the negotiation process, amenable to talking numbers. Of course, the value of that stolen data increasingly comes into play, and it may be that the auction price exceeds what an organization is prepared to pay. Still, that Sophos concludes the average total cost of ransomware attack recovery is ten times the average ransom payment is food for thought. The cybercriminals know this, and it's yet another piece of the extortion leverage picture.


Half of UK Manufacturers Suffered a Cyber-Attack Last Year

Half of British manufacturers and even more in the automotive sector suffered a successful cyber-attack last year, but cost remains a major barrier to improvements, according to an industry body.

“This is a strategic threat; failing to get this right as a nation could cost the UK economy billions of pounds and put thousands of jobs at risk. Every business is vulnerable and every business needs to take the necessary steps to protect themselves properly.”


Behind the Headlines: Why Ransomware Will Be One of 2020’s Most Infamous Legacies

This year cybercrime is estimated to cost the world over $1 trillion—a large part of which will be caused by the cost of remediating devastating ransomware attacks. As organizations continue to adapt to the new normal, cybercriminals are only increasing the scope and sophistication of their attacks. This means that alongside everything else that made last year remarkable, in the future, 2020 may also be remembered as the year that ransomware “took off.”


Ransomware: The internet's biggest security crisis is getting worse. We need a way out

If companies can't pay ransoms and don't have any other way to restore their data, they will face huge costs and disruption – potentially enough to put them out of business. Even organisations with backups and the required technical know-how will be forced to spend time and money restoring their systems. That could put them at a significant disadvantage compared to ransomware victims based elsewhere.


Government most hit by ransomware attacks in 2020 followed by Banking, says Atlas VPN

Government organizations took the biggest share of ransomware attacks last year — 31,906, while the banking sector suffered 22,082 attacks. Another industry that was hit hard by ransomware last year is manufacturing.  It experienced 17,071 ransomware attacks, which made up 16% of last year’s ransomware threats aimed at top industries.  Next up is the healthcare sector. It suffered 15,701 attacks, which accounted for nearly 15% of ransomware attacks targeting businesses in top sectors in 2020.  Finally, rounding out the top five industries most targeted by ransomware last year is the finance sector. It underwent 4,917 or almost 5% of last year’s ransomware attacks.


‘I scrounged through the trash heaps… now I’m a millionaire:’ An interview with REvil’s Unknown

DS: Do your operators target organizations that have cyber insurance?

UNK: Yes, this is one of the tastiest morsels. Especially to hack the insurers first—to get their customer base and work in a targeted way from there. And after you go through the list, then hit the insurer themselves.


How Ransomware Techniques Have Changed

The techniques used to deploy ransomware attacks have also changed. Once delivered mostly through mass email blasts, ransomware is now commonly deployed and operated through sophisticated and highly targeted attacks. The chaos and uncertainty caused by the COVID-19 pandemic last year created a window for cybercriminals to reach new levels of sophistication and danger. In 2020, a victim was infected by ransomware every 11 seconds.


Microsoft Exchange exploit a possible factor in $50M ransomware attack on Acer

the REvil cybercriminal gang (also known as Sodinokibi) announced that it had breached Acer and shared some images of allegedly stolen files as proof. The leaked images consist of documents that include financial spreadsheets, bank balances and bank communications. 

A reported leak of the ransom note revealed that Acer has until March 28 to pay the $50 million ransom. If the ransom is not paid by that date, the ransom will apparently double to $100 million.


8 Ways Ransomware Operators Target Your Network8 Ways Ransomware Operators Target Your Network

Security experts predict the pace of ransomware attacks will accelerate this year as operators continue to succeed in extorting ransoms. As campaigns grow more organized and targeted, and the tools they require become easier to access, the future looks ominous for defenders.


These hackers sell network logins to the highest bidder. And ransomware gangs are buying

The buying and selling of stolen login credentials and other forms of remote access to networks has long been a part of the dark web ecosystem, but according to analysis by cybersecurity researchers at Digital Shadows, there's been a notable increase in listings by 'Initial Access Brokers' over the course of the past year.  These brokers work to hack into networks but, rather than making profit by conducting their own cyber campaigns, they'll act as a middleman, selling entry to networks on to other criminals, making money from the sales.


One Ransomware Victim Every 10 Seconds in 2020

A new organization became a victim of ransomware every 10 seconds in 2020 with remote workers experiencing a sharp uptick in threats, according to Check Point. The report claimed that consumers and organizations face 100,000 malicious websites and 10,000 malicious files every day, with double extortion ransomware in particular on the rise. In Q3 2020, nearly half of all ransomware incidents involved theft of data from the targeted organization.


Growing Collaboration Among Criminal Groups Heightens Ransomware Threat for Healthcare Sector

In a report Thursday summarizing its efforts over the past year, the CTI League says it expects ransomware attacks and activities like the trading and selling of databases containing protected health information (PHI) to increase this year. The group also expects an increase in "triple extortion" attacks involving the use of ransomware, data theft, and distributed denial-of-service (DDoS) attacks as leverage to extort money from healthcare entities.


Ransomware gangs are running riot, paying them off doesn’t help

The frequency of those crimes is increasing rapidly. An EU report published in 2020 found that ransomware attacks increased by 365% in 2019 compared to the previous year. Since then, the situation is likely to have become much worse. The US security company PurpleSec has suggested that overall business losses caused by ransomware attacks might have exceeded US$20 billion (£14.3 billion) in 2020, up from US$11.5 billion (£8.2 billion) in 2019.


Kia Motors America suffers ransomware attack, $20 million ransom

To prevent the leak of the data and receive a decryptor, DoppelPaymer is demanding 404 bitcoins worth approximately $20 million. If a ransom is not paid within a specific time frame, the amount increases to 600 bitcoins, or $30 million.


Breach Data Shows Attackers Switched Gears in 2020

The rising trend matches data from other security firms. Ransomware made up half of all cybersecurity incidents in 2020 and 81% of all financially motivated attacks, according to a report from the incident response team at CrowdStrike. The average ransom has exceeded $1.4 million, twice the cost of the cost of recovery, according to a report from Sophos.


Poor endpoint visibility exposing firms to 'systemic ransomware attacks

Businesses are finding themselves unable to prevent the spread of ransomware.  Most organizations have poor visibility into their endpoints, which makes them highly vulnerable to ransomware. Further, once the ransomware infects a network, they are almost powerless to stop it from spreading.


NetWalker ransomware investigation yields arrest, big cryptocurrency seizure

In a coordinated, multi-part offensive against NetWalker ransomware attackers, law enforcement agencies announced Wednesday that they charged a Canadian national, seized nearly half a million dollars in cryptocurrency and disabled a dark web leak site.  Vachon-Desjardins stands accused of obtaining at least $27.6 million. The cryptocurrency amounts that law enforcement recovered are gains from payments by three separate victims, according to DOJ.


Ransomware: Attacks could be about to get even more dangerous and disruptive

Ransomware attacks have become more powerful and lucrative than ever before – to such an extent that advanced cyber-criminal groups have switched to using it over their traditional forms of crime – and it's very likely that they're just going to become even more potent in 2021.


The Worst Hacks of 2020, a Surreal Pandemic Year

The pandemic also created unprecedented conditions in cyberspace, reshaping networks by pushing people to work from home en masse, creating a scramble to access vaccine research by any means, generating new fodder for criminals to launch extortion attempts and scams, and producing novel opportunities for nation-state espionage.


The State of Ransomware: A Bigger Fear Than COVID-19

These survey results reveal just how big of a problem the ransomware epidemic is: We’re in the midst of a global health pandemic that has taken trillions of dollars out of the global economy, yet many security professionals are more fearful of ransomware. Why? In many cases, it’s because they don’t have an effective ransomware incident response (IR) plan in place – and therefore, they don’t know what to do when a ransomware attack occurs.


66% of companies say it would take 5 or more days to fully recover from a ransomware attack ransom not paid

Almost two-thirds of respondents said they thought the security measures at their enterprise had not kept up with their IT complexity. Nearly half said their company had experienced a ransomware attack and among those who had suffered through one, on average they said they've faced 4.5 attacks.


Ransomware gangs are now cold-calling victims if they restore from backups without paying

"We are aware of a 3rd party IT company working on your network. We continue to monitor and know that you are installing SentinelOne antivirus on all your computers. But you should know that it will not help. If you want to stop wasting your time and recover your data this week, we recommend that you discuss this situation with us in the chat or the problems with your network will never end."


Foxconn electronics giant hit by ransomware, $34 million ransom

Included in the ransom note is a link to Foxconn's victim page on DoppelPaymer's Tor payment site where the threat actors are demanding approximately $34,686,000... the threat actors claim to have encrypted about 1,200 servers, stole 100 GB of unencrypted files, and deleted 20-30 TB Of backups.


Manufacturing is becoming a major target for ransomware attacks

the number of publicly recorded ransomware attacks against manufacturing has tripled in the last year alone.  That's potentially very troubling because the interconnected nature of the manufacturing supply chain means that if one factory gets taken down by a cyberattack, it could have wide-ranging consequences.


Furniture maker Steelcase shut down for two weeks following ransomware attack

The fact that it was forced to cease nearly all operations for two weeks makes this attack stand out from what would usually be just another ransomware attack. “Ransomware attackers are going after higher-value targets and that includes operational networks,” Carcano explained. “And remediation costs and efforts to repair the operational, financial and reputational damage caused by these attacks put a significant strain on leadership teams.”


Dozens of ransomware gangs partner with hackers to extort victims

The LockBit gang partnered with Maze to create an extortion cartel to share the same data leak platform during attacks, as well as to exchange tactics and intelligence. LockBit ransomware actors also take as little as five minutes to deploy payloads after gaining access to the victim network.


FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals

aggressive Russian cybercriminal gang known for deploying ransomware was preparing to disrupt information technology systems at hundreds of hospitals, clinics and medical care facilities across the United States. Today, officials from the FBI and the U.S. Department of Homeland Security hastily assembled a conference call with healthcare industry executives warning about an “imminent cybercrime threat to U.S. hospitals and healthcare providers.”


Defending Against the Inevitable Ransomware Attack on Backup

Ransomware attacks grew by more than 365% in 2019 alone, and a growing number of those target backups. If you are attacked, your business could be forced to decide whether to pay the ransom. Plenty of people are doing just that, and it's expensive. One recent report found that the average cost of getting back to normal, including the ransom, costs nearly $1.5 million.  There are very good reasons why hackers are attacking backups: They know that the data in those backups are the keys to the kingdom, and they are extremely profitable.


Average ransomware demand increases 100% from 2019 through Q1 2020

Data from 25,000 small-to-midsize organizations reveals ransomware as the top cyber insurance incident in the first half of the year, with the average ransomware demand increasing 100% from 2019 through Q1 2020


Survey finds that IT departments victimized by ransomware forever changed

The impacts of a ransomware attack reach much further than technological or financial consequences on the business – they also take a toll on the humans behind IT security and their abilities to address future threats.  "Experiencing a ransomware attack firsthand adds even greater strain, undermining confidence in their own abilities and preparedness.”


Ransomware Tops 2020 Threat Rankings

Over a third of cyber-attacks observed by Kroll in 2020 can be attributed to three main ransomware gangs.  "Ryuk and Sodinokibi, perennially the most observed form of ransomware attack in Kroll’s cases, have been joined by Maze as the top three ransomwares so far in 2020, comprising 35% of all cyber-attacks," and over two-fifths (42%) of Kroll’s cases with a known ransomware variant are connected to a ransomware group actively exfiltrating and publishing victim data,".


This major criminal hacking group just switched to ransomware attacks

A widespread hacking operation that has been targeting organisations around the world in a phishing and malware campaign that has been active since 2016 has now switched to ransomware attacks, reflecting how successful ransomware has become as a money-making tool for cyber criminals. Dubbed FIN11 who describe the hackers as a 'well-established financial crime group' which has conducted some of the longest running hacking campaigns.


Ransomware Victims That Pay Up Could Incur Steep Fines from Uncle Sam

Companies victimized by ransomware and firms that facilitate negotiations with ransomware extortionists could face steep fines from the U.S. federal government if the crooks who profit from the attack are already under economic sanctions, the Treasury Department warned today.

In its advisory (PDF), the Treasury’s Office of Foreign Assets Control (OFAC) said “companies that facilitate ransomware payments to cyber actors on behalf of victims, including financial institutions, cyber insurance firms, and companies involved in digital forensics and incident response, not only encourage future ransomware payment demands but also may risk violating OFAC regulations.”

Those that run afoul of OFAC sanctions without a special dispensation or “license” from Treasury can face several legal repercussions, including fines of up to $20 million.


Ransomware REvil deposits $1m in hacker fund to promote for-hire malware

The ransomware group REvil has deposited $1m worth of bitcoins into a hacker forum to initiate recruitment of affiliates. REvil seeks to hire affiliates who are skilled at penetration testing and other hacker routines, as well as people who have experience with hacking but do not have access to work.


Ransomware 2020: Attack Trends Affecting Organizations Worldwide

Ransomware incidents appeared to explode in June 2020. Ransom demands are increasing exponentially. In some cases, IBM Security X-Force is seeing ransom demands of more than $40 million.  Attackers are finding schools and universities to be an even more attractive target for ransomware attacks, especially as they begin classes virtually or are experimenting with hybrid environments due to COVID-19.


Microsoft: Ransomware attacks grow more dynamic, human-oriented

There’s plenty of evidence to indicate that cybercriminal groups consider the human foibles of their victims. According to Microsoft, ransomware actors actively switch tactics and tools depending on the specific security environment they encounter upon initial network access, or plan attacks around holidays and other times when they know the patching response will be slow.