Ransomware, supply chain attacks put cyber insurers on notice

Malicious cyber activity will force the insurance industry to raise premiums, raise standards and, in some cases, negotiate ransom payments, newly released data from Coalition shows.

By David Jones • July 28, 2021

Pipeline operators raise concerns over aggressive TSA cybersecurity directives

Many of the agency's directives are rooted in basic cybersecurity hygiene, not necessarily lengthy digital transformation efforts, the TSA administrator said. 

By Samantha Schwartz • July 28, 2021

Explore the Trendline➔

Top 5 stories from Cybersecurity Dive

A wave of rules, regulations and federal action is putting pressure on businesses to shore up security amid a backdrop of emboldened threat actors has a nice ring to it.

By Cybersecurity Dive staff

OT cyberattacks could threaten human safety by 2025: Gartner

Critical infrastructure facilities are struggling to contain sophisticated malware and ransomware threats, Gartner research shows.

By David Jones • July 26, 2021

No ransom paid to obtain decryptor, Kaseya says

After consulting with experts, Kaseya said it decided not to negotiate with the criminals behind the attack.

By David Jones • Updated July 27, 2021

How to keep business operations running after a cyber incident

While companies need to move quickly to mitigate the cyber event, they're also starting from behind. Once an incident happens, businesses have to catch up.

By Sue Poremba • July 23, 2021

White House ties cyberattacks to China, but private sector awaits stronger action

Security leaders urge more forceful action after the U.S. accused China of backing a campaign of malicious cyberattacks, including the early 2021 attacks against Microsoft Exchange server.

By David Jones • July 20, 2021

Kaseya restores SaaS monitoring service after REvil ransomware attack

The IT monitoring and management provider is working to restore service for on-premises customers after extensive hardening to protect against a future attack. 

By David Jones • July 12, 2021

Kaseya: What's known (and unknown) about the ransomware attack

The historic ransomware attack against the remote-monitoring provider leaves a number of outstanding questions. 

By David Jones • Updated July 12, 2021

Kaseya postpones service restoration, apologizes for attack

Outside engineers warned that Kaseya needs additional layers of protection as pre-existing vulnerabilities are revealed.

By David Jones • July 8, 2021

Kaseya misses first attempt to restore SaaS following REvil attack

The scope of the ransomware attack began to emerge, as thousands of SMBs and other organizations returned to work only to find systems compromised.

By David Jones • July 7, 2021

Kaseya wrestles with service restoration following supply chain attack

The company is working with federal officials to recover from a ransomware attack that Kaseya said impacted up to 1,500 downstream customers.

By David Jones • July 6, 2021

Ransomware attack against Kaseya creates rippling supply chain compromise

The remote monitoring software provider is warning customers to shut down servers after an incident that security researchers linked to REvil. 

By David Jones • July 2, 2021

Cloud targeted in widespread brute force campaign

The defense, logistics and energy sectors are among the various entities under threat by the campaign, which targets organizations using Microsoft Office 365.

By David Jones • July 2, 2021

Critical goods industries face existential ransomware decisions

For certain industries, the choice is between paying millions to settle a criminal extortion or allowing a catastrophic supply chain disruption.

By David Jones • June 30, 2021

Microsoft customer service agent briefly hit by fresh Nobelium attacks

The threat actor behind the SolarWinds attacks used brute force and password spraying in a new round of attacks, mainly targeting IT and government agencies.

By David Jones • June 28, 2021

Attacks against container supply chains grow more sophisticated

Bad actors are finding novel methods of attacking cloud-native environments, raising new security challenges for developers. 

By David Jones • June 21, 2021

Cost of ransomware: CISO exits, staff layoffs and unaccounted losses

Two-thirds of organizations incurred significant losses due to ransomware, a Cybereason survey found.

By Samantha Schwartz • June 17, 2021

JBS paid hackers $11M ransom to avoid further disruption

Law enforcement remained aware of the decisions the company was making, JBS USA CEO Andre Nogueira told The Wall Street Journal. 

By Samantha Schwartz • June 10, 2021

Colonial CEO defends oversight response, urges transparency on ransomware

Private industry needs more immediate and detailed threat intelligence to prevent these attacks from happening in the future, CEO Joseph Blount said.

By David Jones • June 10, 2021

Bad actors hide in everyday IT tools, complicating detection

Security tools automatically block certain threats, yet there's often a larger intrusion detection teams and services need to weed out.

By Samantha Schwartz • June 9, 2021

What to consider before paying a ransom

Amid rampant attacks, businesses have a choice: pay or suffer.

By Samantha Schwartz • June 7, 2021

Phishing attack against US government, NGOs shakes assumptions on containment

As federal authorities flex new, aggressive steps to deter malicious activity, analysts warn that an evolving threat actor may challenge industry's ability to trust anything. 

By David Jones • June 2, 2021

White House steps in as JBS ransomware interrupts consumer supply chain

The FBI attributed the attack to Russia-based REvil, and JBS is on schedule to restore operations Thursday.

By Samantha Schwartz • Updated June 3, 2021

APT actors ramp up cyber campaign targeting Pulse Secure VPNs

Mandiant researchers have identified four new malware families in an ongoing campaign targeting several key sectors, including the U.S. defense industry.

By David Jones • May 28, 2021

TSA directive will add teeth to pipeline security oversight

The Transportation Security Administration will require companies to appoint a cybersecurity coordinator, and report confirmed and potential security incidents to CISA.

By Samantha Schwartz • May 27, 2021