Tag: ransomware

SpiceJet’s brush with ransomware is a timely reminder to protect yourself against this cyber menace

KV Prasad Jun 13, 2022, 06:35 AM IST (Published)

Listen to the Article (6 Minutes)

SpiceJet said on Wednesday it thwarted a ransomware attack attempt, which hobbled the airline’s systems and delayed multiple flights by several hours. While the fallout was, at worst, frayed passenger tempers and tangled logistics, the incident has shifted the spotlight to the menace of ransomware attacks, which gained prominence in 2017.

In fact, all available data suggests that ransomware is here to stay. So, best prepare yourselves.

A recent report by anti-malware software maker Malwarebytes stated 280 cases of attacks by known types of ransomware in April 2022. Of these, India accounted for five attacks or 2 percent.

As per a new report by Verizon, there was a 13 percent increase in ransomware attacks globally, including in India, in 2021.

The “2022 Data Breach Investigations Report (DBIR)” said last year accounted for more ransomware attacks than the previous four years combined. For the purpose of the report, Verizon studied 5,212 breaches and 23,896 cybersecurity incidents reported by 87 organisations.

What is ransomware?

As the name suggests, a ransomware attack is an attempt by hackers to hold a system hostage. The attacker will deny the target — typically a large organisation — access to the system until they pay a ransom. This is achieved by either gaining unauthorised access to a system remotely or tricking the target into downloading a legitimate-looking file or clicking on a link sent on email, which then encrypts the user’s files and locks them.

More sophisticated ransomware attacks — like WannaCry — can transmit between computers without user intervention.

According to the report, there are four critical paths a hacker could take to holding a company to ransom — duplicating credentials, phishing, exploiting vulnerabilities, and deploying botnets. Duplicating credentials was the most widely used method to execute a ransomware attack in 2021, with an over 40 percent share.

System intrusion attacks in 2021

Elon Musk forms several ‘X Holdings’ companies to fund potential Twitter buyout

3 Mins Read

Thursday’s filing dispelled some doubts, though Musk still has work to do. He and his advisers will spend the coming days vetting potential investors for the equity portion of his offer, according to people familiar with the matter

KV Prasad Journo follow politics, process in Parliament and US Congress. Former Congressional APSA-Fulbright Fellow

SpiceJet passengers hassled as flights delayed due to ransomware attack

KV Prasad Jun 13, 2022, 06:35 AM IST (Published)

Listen to the Article (6 Minutes)

Certain SpiceJet systems faced an attempted ransomware attack last night, according to a statement by the company. Several flights have been delayed by 2-4 hours due to these system issues.

The ransomware attack impacted and slowed down morning flight departures, as per the company and in a released statement it said that “Our IT team has contained and rectified the situation and flights are operating normally now.”

However, complaints are aplenty on Twitter with passengers alleging that the management of the situation has been subpar.

.@flyspicejet we are checked in 5:55 am for Flight SG2950 Delhi-Varanasi today flying schedule was 6:25,passengers stuck since 2 hours,it is strange no official came from SpiceJet to clarify for excess delay,very shameful,gross negligence @JM_Scindia @AAI_Official @PMOIndia

— Satish Poonia (@DrSatishPoonia) May 25, 2022

Extremely poor customer service by @flyspicejet. My flight to Srinagar SG 473 scheduled at 6.25AM from delhi today is still at the airport. Staff has no clue and poor excuse is server down so cannot take print outs. Passengers are suffering. @JM_Scindia @MoCA_GoI please help us..

— सौरभ गोयल (@sourabh_goyal) May 25, 2022

The stock began trading with a positive bias after it was announced that it had signed and concluded the settlement and consent terms with Credit Suisse AG with regard to the pending dispute between the two parties.

Elon Musk forms several ‘X Holdings’ companies to fund potential Twitter buyout

3 Mins Read

Thursday’s filing dispelled some doubts, though Musk still has work to do. He and his advisers will spend the coming days vetting potential investors for the equity portion of his offer, according to people familiar with the matter

KV Prasad Journo follow politics, process in Parliament and US Congress. Former Congressional APSA-Fulbright Fellow

New ‘GoodWill’ ransomware makes targets donate to poor, provide financial help to needy patients

KV Prasad Jun 13, 2022, 06:35 AM IST (Published)

Listen to the Article (6 Minutes)

A new ransomware has been detected in India that makes victims donate new clothes to homeless, feed kids in branded pizza outlets and provide financial help to anyone who needs urgent medical attention but cannot afford it, according to digital risk monitoring firm Cloudsek.

The company warned that the GoodWill ransomware could also result in temporary, and possibly permanent, loss of company data and a possible shutdown of the company’s operations and accompanied revenue loss.

ALSO READ | DigiLocker services now available on WhatsApp: Check how to access

“GoodWill ransomware was identified by CloudSEK researchers in March 2022. As the threat group’s name suggests, the operators are allegedly interested in promoting social justice rather than conventional financial reasons,” Clousek said in a report.

Once infected, the GoodWill ransomware worm encrypts documents, photos, videos, database, and other important files and renders them inaccessible without the decryption key.

“The actors suggest that victims perform three socially driven activities in exchange for the decryption key- donate new clothes to the homeless, record the action, and post it on social media, take five less fortunate children to Dominos Pizza Hut or KFC for a treat, take pictures and videos, and post them on social media and provide financial assistance to anyone who needs urgent medical attention but cannot afford it, at a nearby hospital, record audio, and share it with the operators,” the report said.

ALSO READ | Zomato shares make a sharp U-turn as investors await quarterly numbers

Once all three activities are completed, the ransomware asks victims to write a note on social media (Facebook or Instagram) on “how you transformed yourself into a kind human being by becoming a victim of a ransomware called GoodWill.”

Upon completing all three activities, the ransomware operators verify the media files shared by the victim and their posts on social media.

“The actor will then share the complete decryption kit which includes the main decryption tool, password file and a video tutorial on how to recover all important files,” the report said.

“Our researchers were able to trace the email address, provided by the ransomware group, back to an India-based IT security solutions & services company, that provides end-to-end managed security services,” the

Elon Musk forms several ‘X Holdings’ companies to fund potential Twitter buyout

3 Mins Read

Thursday’s filing dispelled some doubts, though Musk still has work to do. He and his advisers will spend the coming days vetting potential investors for the equity portion of his offer, according to people familiar with the matter

KV Prasad Journo follow politics, process in Parliament and US Congress. Former Congressional APSA-Fulbright Fellow

Nvidia confirms ransomware attack and leak of data; hacking the hacker didn’t help

KV Prasad Jun 13, 2022, 06:35 AM IST (Published)

Listen to the Article (6 Minutes)

Nvidia, the world’s biggest semiconductor chip company, has confirmed that it has been on the receiving end of a ransomware attack. Among the information stolen, employee credentials and proprietary company information are now being leaked online, according to statements from the company to TechCrunch.

Reports had started to emerge about a possible ransomware attack on the company as early as February 25. The group behind the attack is thought to be ‘Lapsus$,’ which claimed responsibility on its Telegram channel, stating that it has stolen over 1 terabyte of data from Nvidia.

Also read: The future of cybersecurity: How digital attacks are fueling need for network security experts?

The group claims that it has gotten access to proprietary data like source code, including the code for Nvidia’s hash rate limiter, which makes Nvidia’s graphic cards worse for cryptocurrency mining.

Lapsus$ has also hit the Brazilian Ministry of Health, a Portuguese company, and South American corporations Claro and Embratel. The group has claimed that it is not politically affiliated and implied that the hack is not in response to the ongoing Russia-Ukraine conflict, which Nvidia has also corroborated.

Also read: 1 out of 61 organisations hit by ransomware every week: Study

Nvidia hacks back

On realising the attack, Nvidia hired cybersecurity experts and informed law enforcement agencies. But that is perhaps not the only action that the company took.

Nvidia somehow managed to track Lapsus$ members and hack into their systems to install ransomware. Screenshots shared by threat analysts and Vx-underground, an organisation dedicated to collating information about malware, Lapsus$ was  successfully targeted by Nvidia.

Also read: 76% Indian companies suffered ransomware attacks in 2021, many paid extortion, finds survey

Lapsus$ called Nvidia “criminals” and “scum” for installing ransomware on their machines. Unfortunately for Nvidia, the tactic did not work as the information was already backed up to other devices. Hacking back hackers is not unheard of as it prevents the leak of confidential information.

LAPSU$ extortion group, a group operating out of South America, claim to have breached NVIDIA and exfiltrated over 1TB of proprietary data.

LAPSU$ claims NVIDIA performed a hack back and states NVIDIA has successful ransomed their machines

Intel and photos courtesy of @S0ufi4n3 pic.twitter.com/fXcTNqgIpW

— vx-underground (@vxunderground) February 26, 2022

Lapsus$ demand

Lapsus$ is demanding a fee from Nvidia, as is usually the case in ransomware attacks, to not leak the information online. Perhaps strangely, they have also demanded Nvidia to make its future GPU drivers open source.

#Lapsus want to make #Nvidia Open source lol 😂@SOSIntel@vxunderground@GossiTheDog@campuscodi#CyberAttacks#infosec#leaks pic.twitter.com/p3a7Z8e9Eb

— Soufiane Tahiri (@S0ufi4n3) March 1, 2022

Nvidia has stated that it is currently analysing the data which has been stolen and now being leaked. “Security is a continuous process that we take very seriously at Nvidia — and we invest in the protection and quality of our code and products daily,” the Nvidia spokesperson added to TechCrunch.

Also read: Explained: Why hackers prefer ransomware payment in Bitcoin

Elon Musk forms several ‘X Holdings’ companies to fund potential Twitter buyout

3 Mins Read

Thursday’s filing dispelled some doubts, though Musk still has work to do. He and his advisers will spend the coming days vetting potential investors for the equity portion of his offer, according to people familiar with the matter

KV Prasad Journo follow politics, process in Parliament and US Congress. Former Congressional APSA-Fulbright Fellow

76% Indian companies suffered ransomware attacks in 2021, many paid extortion, finds survey

KV Prasad Jun 13, 2022, 06:35 AM IST (Published)

Listen to the Article (6 Minutes)

Indian businesses with an online presence remained one of the primary targets of cybercriminals throughout 2021. A report suggests 76 percent of organisations in the country suffered at least one ransomware attack in the past 12 months.

In fact, the survey by US security firm CrowdStrike and market research firm Vanson Bourne revealed 49 percent of Indian businesses that have a digital presence recorded multiple ransomware attacks.

The survey report, released on December 7, added that Indian firms suffered more ransomware attacks than any other country in 2021, adding that several of these companies gave in to extortion demands to avoid an attack. Around 27 percent of the firms paid an average of $5,00,000 to cyber attackers as extortion fees. The ransom paid by certain organisations was upwards of $5 million.

According to cyber experts, the occurrences of ransomware attacks have shot up globally. In India, such attacks recorded an unprecedented increase as the country witnessed a massive surge in the adoption of technologies in the wake of the COVID-19 pandemic. Several companies have shifted to remote or hybrid working models, increasing their dependence on online business processes.

Also Read | US State Department phones hacked with Israeli company spyware: Report

This, according to security researchers, made Indian companies easy targets for ransomware attacks. Also, the attack surface — the total number of points of entry for a hacker — has increased for cybercriminals due to remote working.

Experts have pointed out that cybercriminals will continue to exploit security vulnerabilities till Indian companies stick to legacy security solutions. They add that Indian firms don’t spend enough on threat intelligence (pre-empting cyberattacks) and threat hunting services (removing bugs and other pain points in IT infrastructure).

Despite the massive increase in cyberattacks, 72 percent of Indian firms have expressed confidence in their IT security systems. Sixty percent of the companies say they have a comprehensive strategy in place to coordinate a response to such cyberattacks.

Also Read: The future of cybersecurity: How digital attacks are fueling need for network security experts?

The report comes a week after global research firm, Gartner, had predicted that Indian companies are likely to spend more than $100 billion on their IT infrastructure.

Elon Musk forms several ‘X Holdings’ companies to fund potential Twitter buyout

3 Mins Read

Thursday’s filing dispelled some doubts, though Musk still has work to do. He and his advisers will spend the coming days vetting potential investors for the equity portion of his offer, according to people familiar with the matter

KV Prasad Journo follow politics, process in Parliament and US Congress. Former Congressional APSA-Fulbright Fellow

US to partner with Israel to combat ransomware attacks

KV Prasad Jun 13, 2022, 06:35 AM IST (Published)

Listen to the Article (6 Minutes)

The US Treasury Department said on Sunday it will partner with Israel to combat ransomware, with the two countries launching a joint task force to address cybersecurity.

The task force will develop a memorandum of understanding supporting information sharing related to the financial sector, including cybersecurity regulations and threat intelligence, the Treasury Department said.

The announcement follows a virtual meeting on ransomware that held at the White House in October with the European Union and more than 30 countries, including Israel.

Deputy Secretary of the Treasury Wally Adeyemo asked then for international cooperation to address the abuse of virtual currency and disrupt the ransomware business model.

The partnership follows measures taken to combat a surge in ransomware that has struck several big U.S. companies, including an attack on the largest fuel pipeline in the United States that crippled fuel delivery for several days.

A broader U.S.-Israeli task force was also launched on Sunday to address issues related to fintech and cybersecurity, the Treasury Department said.

Adeyemo met with Israeli Finance Minister Avigdor Lieberman and Director General of the National Cyber Directorate Yigal Unna in Israel on Sunday to establish a bilateral partnership, the department said in a statement.

Earlier this month, the U.S. Justice Department charged a Ukraine national and a Russian in one of the worst ransomware attacks against American targets.

Elon Musk forms several ‘X Holdings’ companies to fund potential Twitter buyout

3 Mins Read

Thursday’s filing dispelled some doubts, though Musk still has work to do. He and his advisers will spend the coming days vetting potential investors for the equity portion of his offer, according to people familiar with the matter

KV Prasad Journo follow politics, process in Parliament and US Congress. Former Congressional APSA-Fulbright Fellow

1 out of 61 organisations hit by ransomware every week: Study

KV Prasad Jun 13, 2022, 06:35 AM IST (Published)

Listen to the Article (6 Minutes)

Trickbot, a trojan designed to steal banking information, is the most prevalent malware affecting 4 percent organisations across the world, a new study has revealed.

Malwares XMRig and Remcos are two other commonly-used vulnerabilities, cybersecurity solutions provider Check Point Software Technologies said in the report, ‘Global Threat Index for October 2021.’

“Globally, one out of every 61 organisations is impacted by ransomware every week. That’s a shocking figure and companies need to do more. Many attacks start with a simple email, so educating users on how to identify a potential threat is one of the most important defences an organisation can deploy,” said Maya Horowitz, Vice-President of Research at Check Point Software.

Also read: Deepfakes, cryptocurrencies and mobile wallets: Cybercriminals find new targets

The report also said the education or research sector was the most attacked industry globally, followed by communications and government/military industries.

Latest entrant

The latest entrant in the top 10 list of exploited vulnerabilities for October is Apache HTTP Server Directory Traversal. On discovery of the malware, developers of Apache had released a patch to fix the path traversal bug in Apache HTTP Server 2.4.50. However, the patch was insufficient in protecting against the vulnerability. This high-impact vulnerability can be exploited by attackers to gain access to arbitrary files on the affected system, Check Point Research, the threat intelligence arm of Check Point Software Technologies, said.

“The Apache vulnerability only came to light early in October and is already one of the top 10 most exploited vulnerabilities worldwide, showing how fast attackers move,” Horowitz said.

More about malwares

The trojan ,Trickbot, first identified in 2016, was initially used by sophisticated cybercrime actors to steal financial data. It has evolved into highly modular, multi-stage malware and can now be used to steal account credentials, financial details, personally information and drop ransomware. Trickbot has featured as the most prevalent malware five times earlier, Check Point Research said.

Also read: US to crack down on crypto ransomware attackers, issue guidelines: Report

XMRig is a legitimate open-source software used for mining of the Monero cryptocurrency, released in 2017. The application exploits vulnerable Windows, Linux and IIS servers to mine Monero.

Remcos, first released in 2016, opens a backdoor on the computer once it is installed, giving full access to a remote user. It can be distributed through malicious Microsoft Office documents in spam mails.

Also read: Explained: Why ransomware is so dangerous and hard to stop

Elon Musk forms several ‘X Holdings’ companies to fund potential Twitter buyout

3 Mins Read

Thursday’s filing dispelled some doubts, though Musk still has work to do. He and his advisers will spend the coming days vetting potential investors for the equity portion of his offer, according to people familiar with the matter

KV Prasad Journo follow politics, process in Parliament and US Congress. Former Congressional APSA-Fulbright Fellow

Deepfakes, cryptocurrencies and mobile wallets: Cybercriminals find new targets

KV Prasad Jun 13, 2022, 06:35 AM IST (Published)

Listen to the Article (6 Minutes)

Ransomware activity over 2021 reached new heights as key infrastructures were hit in several high-profile cases. Analysts from Check Point Research (CPR) have predicted supply chain cyberattacks with larger ransom demands in the coming year.

CPR, a leading provider of cyber security solutions to corporate enterprises and governments globally, made several key predictions for 2022 in its report.

Also read: India to play key role in Joe Biden’s meet on ransomware attacks; all you need to know

“In 2021, cybercriminals adapted their attack strategy to exploit vaccination mandates, elections and the shift to hybrid working, to target organisations’ supply chains and networks to achieve maximum disruption,” said Maya Horowitz, VP Research at Check Point Software.

Deepfakes will prove to be a huge issue as technology advances enough to create believable audio and video that can be easily weaponised to spread targeted content for misinformation and to even target stock prices.

Hackers will soon attempt to infiltrate more cryptocurrencies by taking over wallets using new exploits in a rapidly-developing technology. “When money becomes purely software, the cybersecurity needed to protect against hackers stealing and manipulating Bitcoins and altcoins is sure to change in unexpected ways,” the report stated.

“Throughout 2021, misinformation was spread about the COVID-19 pandemic and vaccination information. In 2022, cyber groups will continue to leverage fake news campaigns to execute various phishing attacks and scams,” CPR added.

Also read: US to crack down on crypto ransomware attackers, issue guidelines: Report

Digital payment platforms, mobile wallets and unified payment systems (UPI) have become commonplace for the smartphone-centric individual. The ubiquity of such devices and apps will only help cybercriminals prey on unsuspecting people who use those platforms.

Seeing the success of ransomware attacks on supply chain organisations, many cybercriminals will focus on targeting such companies. In response, governments will begin to rapidly mobilise response networks to counter, address and protect their national infrastructure from such attacks.

Also read: Air India cyber attack: Hackers target passengers’ credit card info, passport details

“The sophistication and scale of cyberattacks will continue to break records and we can expect a huge increase in the number of ransomware and mobile attacks. Looking ahead, organisations should remain aware of the risks and ensure that they have the appropriate solutions in place to prevent, without disrupting the normal business flow, the majority of attacks, including the most advanced ones. To stay ahead of threats, organisations must be proactive and leave no part of their attack surface unprotected or unmonitored, or they risk becoming the next victim of sophisticated, targeted attacks,” Horowitz added.

Elon Musk forms several ‘X Holdings’ companies to fund potential Twitter buyout

3 Mins Read

Thursday’s filing dispelled some doubts, though Musk still has work to do. He and his advisers will spend the coming days vetting potential investors for the equity portion of his offer, according to people familiar with the matter

KV Prasad Journo follow politics, process in Parliament and US Congress. Former Congressional APSA-Fulbright Fellow

India to play key role in Joe Biden’s meet on ransomware attacks; all you need to know

KV Prasad Jun 13, 2022, 06:35 AM IST (Published)

Listen to the Article (6 Minutes)

India will be one of the countries leading discussions on measures to counter ransomware attacks at a meeting helmed by the Joe Biden administration. The first-of-its-kind two-day meet, that ends on October 14, will be attended virtually by ministers and senior officials from over 30 countries.

This year, in particular, has seen several large-scale ransomware attacks. The ransomware attacks on Colonial Pipeline, JBS meat packers, besides numerous strikes on municipal authorities, private organisations and even hospitals, have sent authorities scrambling. The wide-scale adoption and increasing value of cryptocurrencies, through which the ransom is often collected, have added fuel to fire.

Recognising the key weaknesses and susceptibility of important infrastructure to ransomware attacks, President Biden had announced the international discussion earlier in the month.

“The initiative builds on President Biden’s leadership to rally allies and partners to counter the shared threat of ransomware. It builds on our own domestic efforts as well — significant efforts, as you saw, on the recent Treasury designation and other efforts we have underway,” a senior administration official told reporters.

Also read: US to crack down on crypto ransomware attackers, issue guidelines: Report

Growing ransomware attacks also pose a serious economic threat, the true extent of which is often hard to ascertain. Many companies often choose not to divulge the fact that they were compromised to avoid negative attention from the media and customers.

“Ransomware payments reached over $400 million globally in 2020, and topped $81 million in the first quarter of 2021, illustrating the financially driven nature of these activities,” read a statement from a White House fact sheet published for the event.

The discussions will follow four strategies that the Biden administration is employing to neutralise the ransomware threat. These include — Disrupt Ransomware Infrastructure and Actors, Bolster Resilience to Withstand Ransomware Attacks, Address the Abuse of Virtual Currency to Launder Ransom Payments, and Leverage International Cooperation to Disrupt the Ransomware Ecosystem and Address Safe Harbors for Ransomware Criminals.

India, along with Australia, Germany and UK would each lead the discussions on particular topics. The countries volunteered to organise the specific thematic discussions at the event. India will be tackling resilience, Austria, disruption, the UK will anchor virtual currency and Germany will helm diplomacy.

Australia, Brazil, Bulgaria, Canada, Czech Republic, Dominican Republic, Estonia, the EU, France, Germany, India, Ireland, Israel, Italy, Japan, Kenya, Lithuania, Mexico, the Netherlands, New Zealand, Nigeria, Poland, the Republic of Korea, Romania, Singapore, South Africa, Sweden, Switzerland, Ukraine, the UAE, and the UK will also be joining the meeting.

Also read: Explained: Why ransomware is so dangerous and hard to stop

However, two key players and often-accused state accessories will be missing. Russia and China will not be attending the meet. It is unclear if they have not been invited or they chose not to attend. Both countries have been accused of conducting state-sponsored cyberattacks on other nations. Russia is seen to be giving implicit aid to the hackers while the Chinese Ministry of State itself is allegedly involved in the attacks.

Elon Musk forms several ‘X Holdings’ companies to fund potential Twitter buyout

3 Mins Read

Thursday’s filing dispelled some doubts, though Musk still has work to do. He and his advisers will spend the coming days vetting potential investors for the equity portion of his offer, according to people familiar with the matter

KV Prasad Journo follow politics, process in Parliament and US Congress. Former Congressional APSA-Fulbright Fellow

US to crack down on crypto ransomware attackers, issue guidelines: Report

KV Prasad Jun 13, 2022, 06:35 AM IST (Published)

Listen to the Article (6 Minutes)

The US government is gearing up to penalise hackers who have extorted millions of dollars in digital currency from major US firms through ransomware attacks, The Wall Street Journal said quoting people familiar with the matter. The treasury department plans to impose sanctions that will disrupt the revenue source of ransomware attackers as soon as next week.

In a ransomware attack, a hacker accesses a company’s computer system and uses malware to encrypt their data. The hacker decrypts the data only on payment of a ransom, which is mostly done in digital currency like Bitcoin as they are difficult to trace.

In recent years, ransomware attacks have risen in number and become a thriving business, threatening critical infrastructures such as power operators, hospitals and banks.

Also read: ‘Dogefather’ Elon Musk tweets Floki Inu to new heights: All you need to know about crypto world’s new sensation

According to a study by cybersecurity firm Sophos, the average total cost of recovery from a ransomware attack has increased $1.85 million in 2021 from $761,106 in 2020. The average ransom paid to hackers is $170,404, says the UK-based firm.

The US government is planning to issue fresh guidance to businesses on how to avoid making ransomware payments. It also plans to limit the use of cryptocurrency for making ransom payments by enacting new anti-money laundering and terror finance rules by the end of this year.

To effectively choke illicit crypto payments, the treasury department is likely to single out specific targets such as digital wallets that receive ransom transactions.

Also read: Explained: US regulators issues with cryptocurrency trading platforms

It would also have to target crypto platforms that cybercriminals use to exchange a set of blockchain coins for another. People who manage these operations will also come under the radar, analysts told The Wall Street Journal. The treasury department declined to comment on this and has not yet made any formal announcement on the issue.

Government agencies have already penalised individuals and companies for facilitating illicit payments through cryptocurrencies. In October 2020, the Treasury’s Office of Foreign Assets Control warned victims of attacks and others of the risks of making ransomware payments, saying it was a violation of US laws.

“Paying a ransom may embolden adversaries to target additional organisations, encourage other criminal actors to engage in the distribution of ransomware, and/or may fund illicit activities,” the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency had said in August this year.

Also read: This Shark Tank celebrity investor wants to double his crypto holdings, calls for US regulation

The ransomware threat caught eyeballs when an alleged Russian hacking group called DarkSide launched a ransomware attack against Colonial Pipeline in May this year, disrupting fuel distribution in several states. The Colonial Pipeline is one of the largest fuel pipelines in the US. It paid $4.4 million to the hackers to retrieve official data.

The array of actions by the Biden administration is one of the most significant attempts to curb the digital finance ecosystem of traders, exchanges and individuals, which has incentivised ransomware attacks in recent years.

“An action of this kind would be an aggressive, proactive approach to going after those who facilitate ransomware payments,” Ari Redbord, a former senior treasury security official, told The Wall Street Journal.

Also read: The future of Bitcoin: From Ray Dalio to Cathie Wood, top investment pandits weigh in

The government is also planning to internationalise the fight against ransomware attackers. The Group of Seven (G7) nations also pledged to collectively act against illicit crypto payments.

Elon Musk forms several ‘X Holdings’ companies to fund potential Twitter buyout

3 Mins Read

Thursday’s filing dispelled some doubts, though Musk still has work to do. He and his advisers will spend the coming days vetting potential investors for the equity portion of his offer, according to people familiar with the matter

KV Prasad Journo follow politics, process in Parliament and US Congress. Former Congressional APSA-Fulbright Fellow