A leading payments industry news source for more than 17 years. Glenbrook curates the news and keeps you abreast of the important daily headlines in payments.

January 23, 2023

On the web

Ransomware Victims are Refusing to Pay, Tanking Attackers’ Profits

Ars Technica

Two new studies suggest that ransomware isn't the lucrative, enterprise-scale gotcha it used to be. Profits to attackers' wallets, and the percentage of victims paying, fell dramatically in 2022, according to two separate reports. Chainalysis, a blockchain analysis firm that has worked with a number of law enforcement and government agencies, suggests in a blog post that based on payments to cryptocurrency addresses it has identified as connected to ransomware attacks, payments to attackers fell from $766 million in 2021 to $457 million last year.

December 14, 2021

On the web

Kronos Hit With Ransomware, Warns of Data Breach and ‘Several Week’ Outage | ZDNet

ZDNet

“HR management platform Kronos has been hit with a ransomware attack, revealing that information from many of its high-profile customers may have been accessed. UKG, Kronos’ parent company, said the vital service will be out for “several weeks” and urged customers to “evaluate and implement alternative business continuity protocols related to the affected UKG solutions.”

November 19, 2021

On the web

October 18, 2021

On the web

Suspected Ransomware Payments Nearly Doubled This Year, Treasury Says

Wall Street Journal

“The volume of suspected ransomware payments flagged by U.S. banks has surged this year, on pace to nearly double last year’s, the Treasury Department said Friday, highlighting the scale of a problem that governments across the world have described as a critical national security threat. Nearly $600 million in transactions were linked to possible ransomware payments in so-called Suspicious Activity Reports financial services firms filed to the U.S. government in the first six months of this year, according to a Treasury Department report. That is more than 40% more than the total for all of 2020.”

August 11, 2021

On the web

Ransomware Demands and Payments Hit New Records

ComputerWeekly.com

“The average ransom paid by victim organisations has increased by 82% since 2020 to a record $570,000, as cyber criminals intensify their ransomware efforts with increasingly aggressive tactics, according to data from Palo Alto Networks Unit 42 security consulting group. Unit 42 also found that the average ransom demand increased by 518% from the 2020 average of $847,000, to $5.3m, in the first half of 2021.”

August 6, 2021

On the web

Amazon, Google and Other Tech Companies Join Government Effort to Fight Ransomware

CNBC

“Amazon, Google and Microsoft are among several tech companies that have agreed to join a government effort to fight ransomware as cyber attacks have become regular threats to U.S. organizations. The Department of Homeland Security’s new Joint Cyber Defense Collaborative (JCDC) will coordinate national cyber defense planning across agencies and with the private sector, according to prepared remarks from Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly at Thursday’s Black Hat cybersecurity conference.”

July 29, 2021

On the web

July 16, 2021

On the web

$10 Million Rewards Bolster White House Anti-ransomware Bid

AP NEWS

“The State Department will offer rewards up to $10 million for information leading to the identification of anyone engaged in foreign state-sanctioned malicious cyber activity, including ransomware attacks, against critical U.S. infrastructure. A task force set up by the White House will coordinate efforts to stem the ransomware scourge. The Biden administration is also out with a website, stopransomware.gov, that offers the public resources for countering the threat and building more resilience into networks, a senior administration official told reporters.”

July 12, 2021

On the web

This Crowdsourced Payments Tracker Wants to Solve the Ransomware Visibility Problem

TechCrunch

“Jack Cable, a security architect at Krebs Stamos Group who previously worked for the U.S. Cybersecurity and Infrastructure Agency (CISA), is looking to solve that problem with the launch of a crowdsourced ransom payments tracking website, Ransomwhere … The website keeps a running tally of ransoms paid out to cybercriminals in bitcoin, made possible thanks to the public record-keeping of transactions on the blockchain. As the site is crowdsourced, it incorporates data from self-reported incidents of ransomware attacks, which anyone can submit.”

July 7, 2021

On the web

Kaseya Ransomware Attack: 1,500 Companies Affected, Company Confirms | ZDNet

ZDNet

“Enterprise tech firm Kaseya has confirmed that around 1,500 businesses were impacted as a result of an attack on its remote device management software, which was used to spread ransomware. It appears that the attackers carried out a supply chain ransomware attack by leveraging a vulnerability in Kaseya’s VSA software against multiple managed service providers (MSP) – and their customers.”

June 23, 2021

On the web

Ransomware Gangs Get Paid Off As Officials Struggle for Fix

AP NEWS

“If your business falls victim to ransomware and you want simple advice on whether to pay the criminals, don’t expect much help from the U.S. government. The answer is apt to be: It depends. “It is the position of the U.S. government that we strongly discourage the payment of ransoms,” Eric Goldstein, a top cybersecurity official in the Department of Homeland Security, told a congressional hearing last week. But paying carries no penalties and refusing would be almost suicidal for many companies, especially the small and medium-sized. Too many are unprepared. The consequences could also be dire for the nation itself. Recent high-profile extortive attacks led to runs on East Coast gas stations and threatened meat supplies.”

June 21, 2021

On the web

Hit By a Ransomware Attack? Your Payment May Be Deductible

Bloomberg

“As ransomware attacks surge, the FBI is doubling down on its guidance to affected businesses: Don’t pay the cybercriminals. But the U.S. government also offers a little-noticed incentive for those who do pay: The ransoms may be tax deductible. The IRS offers no formal guidance on ransomware payments, but multiple tax experts interviewed by The Associated Press said deductions are usually allowed under law and established guidance. It’s a “silver lining” to ransomware victims, as some tax lawyers and accountants put it. But those looking to discourage payments are less sanguine. They fear the deduction is a potentially problematic incentive that could entice businesses to pay ransoms against the advice of law enforcement. At a minimum, they say, the deductibility sends a discordant message to businesses under duress.”

April 22, 2021

On the web

WSJ News Exclusive | Ransomware Targeted by New Justice Department Task Force

Wall Street Journal

“The Justice Department has formed a task force to curtail the proliferation of ransomware cyberattacks, in a bid to make the popular extortion schemes less lucrative by targeting the entire digital ecosystem that supports them. In an internal memorandum issued this week, Acting Deputy Attorney General John Carlin said ransomware poses not just an economic threat to businesses but “jeopardizes the safety and health of Americans.” By identifying ransomware as a priority, the task force will increase training and dedicate more resources to the issue, seek to improve intelligence sharing across the department, and work to identify “links between criminal actors and nation-states,” according to the memorandum.”

December 11, 2020

On the web

Payment Processing Giant TSYS: Ransomware Incident “Immaterial” to Company

Krebs on Security

“Payment card processing giant TSYS suffered a ransomware attack earlier this month. Since then reams of data stolen from the company have been posted online, with the attackers promising to publish more in the coming days. But the company says the malware did not jeopardize card data, and that the incident was limited to administrative areas of its business.”

October 7, 2020

On the web

5 Ransomware Trends that Should Alarm Credit Unions, Banks

American Banker (paywall)

“Ransomware attacks have been accelerating during the pandemic, as cybercriminals take advantage of the security vulnerabilities and disruption caused by the massive movement toward working from home and they find ransomware increasingly profitable. According to a report published Tuesday by the security company Arctic Wolf, the banking sector saw a 520% increase in phishing and ransomware attacks between March and June of this year. Arctic Wolf has 250 bank and credit union customers.”

October 1, 2020

On the web

Companies Facilitating Ransomware Payments Could Face Penalties

Bloomberg (paywall)

“Companies that assist victims of ransomware attacks in making payments to criminal hackers could face penalties, according to a new advisory from the U.S. Department of the Treasury. The civil penalties would apply to those who assist in making ransom payments on behalf of victim companies or governments hacked by criminal groups that have been sanctioned by the Treasury Department. The new advisory, from the department’s Office of Foreign Assets Control, could fundamentally change the calculus for companies — and their advisers — after they’ve been infected with ransomware.”

August 31, 2020

On the web

DDoS extortionists target NZX, Braintree, and other financial services

ZDNet

“For the past weeks, a criminal gang has launched DDoS attacks against some of the world’s biggest financial service providers and demanded Bitcoin payments as extortion fees to stop their attacks. Just this week, the group has attacked YesBank India, Worldpay, PayPal, Braintree, and Venmo, a source involved in the DDoS mitigation field has told ZDNet. The New Zealand stock exchange (NZX), which halted trading for the third day in a row today, is also one of the group’s victims.”

October 23, 2019

On the web

August 29, 2019

On the web