
Strong words from Interpol, new resources from CISA and MITRE, and who’s phished the most?

Dutch cybersecurity firm Tesorion has released a free decryptor for the Lorenz ransomware, allowing victims to recover some of their files without paying a ransom.

An international law enforcement operation has seized the servers, data, and customer logs for DoubleVPN, a double-encryption service commonly used by threat actors to evade detection while performing malicious activities.

DoubleVPN is a Russian-based VPN service that double, triple, and even quadruple-encrypts data sent through their service. “The golden age of criminal VPNs is over”, says Europol’s cybercrime center’s head.

The NSA has warned that Russian nation-state hackers are conducting brute force attacks to access US networks – and using a Kubernetes cluster to do it.

Microsoft has warned about three bugs in some NETGEAR routers which are being used as a stepping stone into networks.

A report from Avanan shows that customers in IT, healthcare, and manufacturing are the top targets for phishing emails. Why? They collect large amounts of personal data, and they are often using outdated technology that can be easily hacked.

The average paid loss for a closed standalone cyber claim jumped to $358,000 in 2020 from $145,000 in 2019, according to a recent report by Fitch Ratings. A key metric for the profitability of a line of insurance—the statutory direct loss plus defense and cost containment (DCC) ratio—also skyrocketed last year to 73%, which compares with an average of 42% for the previous five years for cyber insurance, the report found. More data supporting changes in due to cyber insurance.

We have a price tag for the SolarWinds attack – an average of $12 million per affected company. 70% of companies in the survey by IronNet felt some impact from the attack too.

CISA has released their Ransomware Readiness Assessment, which is a step-by-step process for evaluating cybersecurity practices on networks. It’s available right on GitHub. MITRE also released D3FEND, which is their cybersecurity countermeasures framework.

And that Western Digital issue... sadly, it seems there is another one. A second exploit also allows for a full wipe of the device.

Why do we care?

While the incident list is relentless, there are positive notes in here. That pressure for change from insurance companies will build… but the creation of tools, frameworks, and assessments feels like it’s increasing. I’ll mark that as a positive, particularly with increased law enforcement attention – or even the perception of it.