Over a three-month period in 2015, a single cybercrime gang managed to earn at least $330,000 in bitcoins thanks to an estimated 670 victims paying attackers to decrypt ransomware-infected systems. Should police be doing more to stop these attacks?
"We never negotiate" might be the expectation whenever law enforcement or government agencies get targeted by criminals or even "cyberterrorists." But outside Hollywood, the reality too often turns out to be far less rigid.
Sometimes language barriers can be a good thing: Many malware-wielding cybercriminals have historically targeted users in North America and Europe over Japan, owing to linguistic challenges. But that's changing.
Three banks and a pharmaceutical company in India are reported to have been hacked by attackers who compromised IT administrators' computers using Lechiffre ransomware, demanding payment in bitcoins. How should CISOs defend against extortion?
Israel has reportedly foiled a "severe cyberattack" launched against the Israeli Electricity Authority. The malware attack doesn't appear to have resulted in any disruption to the country's power grid, but many government systems remain offline.
Extortion campaigns waged by cybercriminals are expected to become more damaging in 2016, putting additional pressure on CISOs to enhance protection of internal networks and educate employees about extortionists' techniques, says iSight Partner's John Miller.
Tracing bitcoin transactions, some security experts suspect multiple gangs have each amassed more than $1 billion, making them the equivalent of "unicorns" - a term venture capitalists apply to extremely successful startup firms. In case there was any doubt, cybercrime really does pay.
European police have arrested a "main target" as part of a previously undisclosed law enforcement effort, dubbed Operation Pleiades, against the distributed denial-of-service attack gang called DD4BC, or "DDoS for Bitcoin."
According to sources in the industry and community, organizations are regularly getting breached and held to ransom in India. What's the story, and why are these organizations choosing to remain silent about these attacks?
Adobe is warning Flash users to update their software immediately in the wake of zero-day attacks that can enable attackers to take full control of vulnerable systems. This year, Adobe has patched 316 bugs in Flash. Is it time for the plug-in to die?
Malaysia expects to witness increased incidents of commercial fraud, ransomware and online scams in 2016. Cybersecurity head Amiruddin Abdul Wahab drives the agenda for securing cyberspace and discusses measures to tackle threats.
The latest strain of Android malware called SlemBunk tries to trick mobile banking application users into sharing their banking, social network and other credentials, as security experts see the number of mobile malware attacks continuing to increase.
The FBI has arrested three men on charges that they participated in a hacking and identity theft scheme designed to fuel spam campaigns, including the insider-enabled theft of account details for 24.5 million Comcast customers.
Two new malware reports - one from security researchers at technology giant Cisco, another from cybersecurity firm FireEye - demonstrate how developers continue to refine malicious code to maximize information-stealing and extortion potential.