The first one is a report released by the FBI stating the earning details of Hive Ransomware Group. FBI issued a joint advisory along with CISA that the said hacking group extorted more than $100m in this financial year by infecting over 1300 victims in 15 months starting from June’21.Victims list include government organizations, communication sector companies, IT businesses and businesses involved in healthcare sector.
Second is the news related to Microsoft releasing a report on a newly discovered Royal Ransomware, first detected in Aug’22. Microsoft Security Threat Intelligence group said in its latest post that the group of criminals were using Google Ads in one of their campaigns of spreading malware and the victim includes a renowned motor racing circuit in the United Kingdom.
The American tech giant claims that it discovered the malvertising campaign in October this year where DEV-0569 was seen redirecting users to malicious files downloading website.
Google was informed about this malicious practice by the Windows giant early this month and the Alphabet Inc’s subsidiary took measures to curtail this malware attack affecting its normal ad traffic.
Third is the news related to UK’s COBRA meetings that have been intensively discussing ransomware incidents these days rather than other emergencies. Earlier, the Cabinet Office Briefing Room (COBR) was seen discussing terrorist attacks. But now, focus remains to be malware attacks and how they have to be handled from the perspective of victims.
Ironically, the meetings convened by COBRA were linked to Whitehall Sprint, that was supposed to be concluded by December last year, and the recommendations were to be discussed at the G7 meeting at the end of 2021. However, the government failed to put Sprint on an actionable path and so the project seems to be jinxed.