The Russian government said today it arrested 14 people accused of working for “REvil,” a particularly aggressive ransomware group that has extorted hundreds of millions of dollars from victim organizations. The Russian Federal Security Service (FSB) said the actions were taken in response to a request from U.S. officials, but many experts believe the crackdown is part of an effort to reduce tensions over Russian President Vladimir Putin’s decision to station 100,000 troops along the nation’s border with Ukraine.
There are still many unanswered questions about the recent attack on Sony Pictures Entertainment, such as how the attackers broke in, how long they were inside Sony’s network, whether they had inside help, and how the attackers managed to steal terabytes of data without notice. To date, a sizable number of readers remain unconvinced about the one conclusion that many security experts and the U.S. government now agree upon: The North Korea was to blame. This post examines some compelling evidence from past such attacks that has helped inform that conclusion.
Millions of Web sites were shuttered Monday morning after Microsoft executed a legal sneak attack against a malware network thought to be responsible for more than 7.4 million infections of Windows PCs worldwide.
Yesterday’s story about the point-of-sale malware used in the Target attack has prompted a flood of reporting from antivirus and security vendors. Buried within those reports are some interesting details that speak to possible actors involved and to the timing and discovery of this breach.
Lost in the annals of campy commercials from the 1980s is a series of ads that featured improbable scenes between two young people (usually of the opposite sex) who somehow caused the inadvertent collision of peanut butter and chocolate. After the mishap, one would complain, “Hey you got your chocolate in my peanut butter!,” and the other would retort, “You got your peanut butter in my chocolate!” The youngsters then sample the product of their happy accident and are amazed to find someone has already combined the two flavors into a sweet and salty treat that is commercially available.
It may be that the Internet security industry is long overdue for its own “Reese’s moment.” Many security experts who got their start analyzing malware and tracking traditional cybercrime recently have transitioned to investigating malware and attacks associated with so-called advanced persistent threat (APT) incidents. The former centers on the theft of financial data that can be used to quickly extract cash from victims; the latter refers to often prolonged attacks involving a hunt for more strategic information, such as intellectual property, trade secrets and data related to national security and defense.
Spam trackers are seeing a fairly dramatic drop in junk e-mail sent over the past few days, specifically spam relayed by the one of the world’s largest spam botnets – although security experts disagree on exactly which botnet may be throttling back or experiencing problems.