Home https://server7.kproxy.com/servlet/redirect.srv/sruj/smyrwpoii/p2/ Technology https://server7.kproxy.com/servlet/redirect.srv/sruj/smyrwpoii/p2/ Hackers steal 26 MILLION Apple, Amazon and Facebook login after accessing 3.5 million PCs

Hackers steal 26 MILLION Apple, Amazon and Facebook login after accessing 3.5 million PCs



The U.S. Department of Justice is raising the investigation of ransomware attacks to a similar priority as terrorism in the wake of the Colonial Pipeline hack and growing damage caused by cybercriminals, a senior official told Reuters.

Internal guidance sent Thursday to U.S. law firms across the country said information on field ransomware investigations needed to be coordinated centrally with a newly established task force in Washington.

The letter was sent to Deputy Attorney General Lisa Monaco and was entitled ‘Guidance on Investigations and Cases Related to Ransomware and Digital Extortion’, according to Cyber ​​Scoop News, which received a copy of the letter.

̵

6;Recent ransomware attacks – including last month’s attack on the Colonial Pipeline – underscore the growing threat that ransomware and digital extortion pose to the nation and the destructive and devastating consequences that ransomware attacks can have on critical infrastructure,’ Monoco wrote in the letter. .

John Carlin, acting deputy attorney at the Department of Justice, told Reuters that the guidelines are 'a specialized process to ensure we track all ransomware cases'

John Carlin, acting deputy attorney at the Department of Justice, told Reuters that the guidelines are ‘a specialized process to ensure we track all ransomware cases’

Internal guidance sent Thursday to U.S. law firms across the country said information on field ransomware investigations should be coordinated centrally with a newly established task force in Washington

Internal guidance sent Thursday to U.S. law firms across the country said information on field ransomware investigations should be coordinated centrally with a newly established task force in Washington

‘A key objective of the newly launched Ransomware and Digital Extortion Task Force is to ensure that we have the full authority and resources in the department to confront the many dimensions and root causes of this threat.’

The guide added: ‘To ensure that we can create the necessary links across national and global cases and investigations and to enable us to develop an overall picture of the national and economic security threats we face, we need to improve and centralize our internal tracking. ‘

John Carlin, acting deputy attorney at the Department of Justice, told Reuters that the guidelines are ‘a specialized process to ensure we track all cases of ransomware no matter where it may be referred in this country so you can establish links between actors and work your way up to disrupt the entire chain. ‘

Last month, a cybercrime group that US authorities said operates from Russia broke into a pipeline operator on the US East Coast, locked its systems and demanded a ransom. The hack caused a closure that lasted several days, led to a rise in gas prices, panic purchases and local fuel shortages in the southeast.

Colonial Pipeline decided to pay hackers who invaded their systems nearly $ 5 million to regain access, the company said.

The Justice Department’s decision to push ransomware into this special process illustrates how the issue is prioritized, U.S. officials said.

‘We’ve used this model around terrorism before, but never with ransomware,’ Carlin said. The process is typically reserved for a short list of topics, including national security cases, legal experts said.

In practice, this means that investigators in U.S. law firms handling ransomware attacks are expected to share both up-to-date case information and active technical information with executives in Washington.

Chris Krebs, former director of the Cybersecurity and Infrastructure Security Agency, tweeted about the news Thursday.

‘This is a positive indication that we are getting serious about stopping ransomware. Much more needs to be done, but a change of direction is a good thing, ‘he tweeted.

Krebs explained how the ransomware situation in the United States has worsened, calling the attacks ‘a lucrative business model with low barriers to entry’, noting that so far there have been ‘no meaningful consequences for criminals or their hosts.’

He also claimed that the security situation of companies makes it ‘too easy for the bad guys’, while speculating that the Russian government allows ransomware groups to flourish because it’ builds a cyber workforce that they can later call in ‘and’ creates well-paid job ‘to keep the country’s residents’ off the streets. ‘

Krebs noted that the ransomware attacks also ‘undermine confidence in Western citizens’ in their government’s ability to defend them.

The former federal official said he reviewed a letter from the deputy general security adviser in which Krebs said a number of things stand out – including that the government is considering ‘all companies are at stake’ and could be targets for ransomware.

Chris Krebs, former director of the Cybersecurity and Infrastructure Security Agency, tweeted that the news shows that officials are taking the threats seriously

Chris Krebs, former director of the Cybersecurity and Infrastructure Security Agency, tweeted that the news shows that officials are taking the threats seriously

Chris Krebs, former director of the Cybersecurity and Infrastructure Security Agency, tweeted that the news shows that officials are taking the threats seriously

Chris Krebs, former director of the Cybersecurity and Infrastructure Security Agency, tweeted that the news shows that officials are taking the threats seriously

He tweeted that he ‘can’t remember a letter like this’ from a senior White House national security official.

Krebs said the government is considering ‘all businesses are at stake’ as ransomware is opportunistic and that it is a risk of business disruption, not just theft.

The cybersecurity expert urged officials to ‘use various tools of national power to determine the consequences for criminals and the countries that enable them’ and to make it more difficult to use cryptocurrency for payments.

The White House warned business executives and business executives on Thursday to step up security measures to protect against ransomware attacks after intrusion disrupted operations also disrupted operations at a major meat packing company.

Anne Neuberger, cybersecurity adviser at the National Security Council, said in a letter that there has been a significant increase in the frequency and magnitude of ransomware attacks.

“The threats are serious and they are increasing. We urge you to take these critical steps to protect your organizations and the American public, ‘she added.

The recent cyber attacks have forced companies to see ransomware as a threat to core business activities and not just data theft, as ransomware attacks have shifted from theft to disruptive operations, she said.

Strengthening the country’s resilience to cyber attacks was one of President Joe Biden’s highest priorities, the White House said.

‘But we can not do it alone,’ White House Press Secretary Jen Psaki said on Thursday. ‘Business leaders have a responsibility to strengthen their cyber defenses to protect the American public and our economy.’

No company, large or small, is safe from ransomware attacks, Neuberger told business.

The letter came after a major meat package resumed U.S. operation Wednesday after a ransomware attack disrupted meat production in North America and Australia.

A Russian-linked hacking group, known as REvil and Sodinokibi, was behind the cyber attack on JBS SA, a source familiar with the matter told Reuters.

The cyber attack followed one last month by a group with ties to Russia on the Colonial Pipeline, the largest fuel pipeline in the United States, which paralyzed fuel supply for several days in the southeastern United States.

Biden believes Russian President Vladimir Putin has a role to play in preventing these attacks and planned to raise the issue during their summit this month, Psaki said.

Neuberger’s letter outlined immediate steps that companies can take to protect themselves from ransomware attacks, which can have ripple effects far beyond the company and its customers.

These include best practices such as multifactor authentication, endpoint detection and response, encryption and a skilled security team. Companies need to back up data and regularly test systems as well as update and patch systems right away.

Neuberger advised that companies test response plans for incidents and use a third party to test the work of the security team.

She said it was crucial that business functions and production operations be run on separate networks.


Source link