World Why cyber gangs won't worry about US-Russia talks
U.S. Cyber Tools Are Being Turned Against Americans, Limiting Biden's Options on Russia
"Technically, a lot of these tools that are being leveraged for ransomware are tools that were leaked from our own organization," one cybersecurity official told Newsweek on the condition of anonymity."Technically, a lot of these tools that are being leveraged for ransomware are tools that were leaked from our own organization," a cybersecurity official who spoke on the condition of anonymity told Newsweek.
Russian President Vladimir Putin and US President Joe Biden have agreed to develop a cyber-security arrangement between the two countries after discussing the issue of ransomware at their summit in Geneva.
Mr Biden says he and Mr Putin will start consultations "to begin to bring some order" after recent high-profile attacks by criminal gangs on critical US companies.
But talks are likely to be complex after both sides disagreed about who was to blame for the growing problem of ransomware.
President Biden says he raised a recent attack whichwith Mr Putin.
Home Affairs boss wants to tackle cybercrime like the British Navy fought pirates
Home Affairs boss Mike Pezzullo says Australia should take on cybercriminals like the British Navy fought the pirates of the Caribbean in the 17th century. He also warned the threat of cyber attacks will soon reach "global pandemic proportions".Mr Pezzullo used an address to a parliamentary inquiry into new cyber-crime laws to suggest Australia take on a more offensive role in combating the threat.He suggested the counter-terrorism approach taken post-September 11 as one model, or even the British efforts to combat piracy worldwide hundreds of years ago.
The attack was carried out by hacker group Darkside, which is suspected to be Russian.
Mr Biden says he gave Mr Putin a list of 16 specific critical entities that should be considered "off-limits" from future cyber-attacks.
However President Putin told reporters that the Colonial Pipeline attack and others have "nothing to do with Russian authorities".
Mr Putin also claimed he had been told by US sources that most cyber-attacks originate from the US, and that Russian attempts to get information about attacks originating from the US are being ignored.
What evidence is there that many ransomware gangs are based in Russia?
The anonymous nature of the cyber world means it is often hard to know exactly who is doing the attacking and from where.
Biden reaffirms US commitment to NATO, cites 'new challenges' with Russia, China
President Biden on Monday said NATO is "facing new challenges," specifically referring to Russia and China, while maintaining that the NATO alliance is "essential" and "critically important" for U.S. interests.From NATO headquarters in Brussels Monday, the president maintained that the United States is looking to have a "stable and constructive" relationship with Russia, while assuring that the U.S. will always "respond" in the face of Russia’s harmful activities, and will always defend its allies.
However, over the last few years an undeniable pattern has been observed by experts that points in one distinct direction.
"The intelligence and research community believes that the attacks are coming from former Soviet block countries, namely Russia, Ukraine, and others", says former Russian hacker and now cyber-security expert Dmitry Smilyanets.
"There are multiple indications proving that point."
Dmitry Smilyanets and other experts point towards four distinct pieces of evidence:
- Most of the major groups advertise their malicious software products exclusively on Russian-speaking hacker forums on the dark web.
- Hacker groups predominately operate in Moscow business hours and generally go quiet during Russian public holidays.
- In many cases the code of the ransomware software also has specific instructions baked into it that automatically prevent attacks on computer systems that use Russian keyboard configurations.
- There are very few known victims of ransomware in Russia, or former Soviet states, in comparison to western countries.
"Covert engagement and clandestine operations aimed at ransomware operators and affiliates are also providing extraordinary intelligence," Mr Smilyanets who works for cyber-defenders Recorded Future says.
The Putin summit may backfire on Biden
The biggest risk Biden faces won’t come during the Putin summit. It’ll possibly come right afterward.That may sound good, but experts warn Biden is setting himself up for potential failure.
"Their knowledge and attribution are very accurate and support the findings of cyber-researchers also looking into this area".
In 2019 two Russian individuals were indicted by US and UK authorities accused of running the Evil Corp ransomware gang but both men remain free in Russia.
Putin claims Russia also facing ransomware attacks
In his press conference, President Putin told reporters that Russia regularly faces ransomware attacks and cited the example of a Russian healthcare service being hit by hackers, which he claimed was carried out by US hackers.
However, Dmitry Smilyanets says he thinks it's unlikely this incident would have been ransomware or news of any resulting disruption would have been public.
The reason there are so few ransomware attacks on Russia and the former Soviet states is often put down to the much discussed 'One Rule' of Russian hacking - which means you can go after anyone as long as they are not on friendly soil.
The most hated companies in the world
How is it that some of the most hated companies in the world are also the most profitable? The free market is supposed to reward good products and customer service, but it often doesn’t feel that way. Here are 20 of the most hated companies in the world, some of which have disappeared for good, but others which continue to thrive.
Ransomware is a global business
There's no doubt that ransomware gangs are operating in many other countries.
Hackers in North Korea for examplefor the most serious ransomware attack in history that impacted hundreds of NHS hospitals in the UK in 2017.
On the same day as the Geneva summit, six suspected criminals were arrested in Ukraine for alleged links to a ransomware group called Clop.
The individuals are being accused of being involved with attacks against organisations in the US and South Korea.
Another suspected hacker was arrested in Canada in January for his alleged involvement with another ransomware group called Netwalker.
However, none of these recent arrests are thought to have seriously harmed the core criminal enterprises of these well-funded and lucrative ransomware hacking networks.
Most experts agree that the epicentre of this destructive and lucrative criminal industry which is currently ripping through the world originates from Russia and its former Soviet neighbours.
EU wants emergency team for cyber-attacks .
European Commission says recent ransomware attacks on US and Ireland have "focussed mind"Recent ransomware incidents on critical services in Ireland and the US has "focused minds", the commission said.