If an approved report’s authenticity is later called into question, it will be removed from the database. However, in order to make sure all reports are legitimate, each submission is required to take a screenshot of the ransomware payment demand, and every case is reviewed manually by Cable himself before being made publicly available. As the site is crowdsourced, it incorporates data from self-reported incidents of ransomware attacks, which anyone can submit. The website keeps a running tally of ransoms paid out to cybercriminals in bitcoin, made possible thanks to the public record-keeping of transactions on the blockchain. “After seeing that there’s currently no single place for public data on ransomware payments, and given that it’s not hard to track bitcoin transactions, I started hacking it together.” “I was inspired to start Ransomwhere by Katie Nickels’s tweet that no one really knows the full impact of cybercrime, and especially ransomware,” Cable told TechCrunch. Cybersecurity and Infrastructure Agency (CISA), is looking to solve that problem with the launch of a crowdsourced ransom payments tracking website, Ransomwhere. Jack Cable, a security architect at Krebs Stamos Group who previously worked for the U.S. However, while ransomware attacks continue to make headlines, it’s nearly impossible to understand their full impact, nor is it known whether taking certain decisions - such as paying the cybercriminals’ ransom demands - make a difference. In the last few months alone we’ve witnessed the attack on Colonial Pipeline that forced the company to shut down its systems - and the gasoline supply - to much of the eastern seaboard, the hack on meat supplier JBS that abruptly halted its slaughterhouse operations around the world, and just this month a supply chain attack on IT vendor Kaseya that saw hundreds of downstream victims locked out of their systems. These file-encrypting attacks have continued largely unabated this year, too. Ransomware has never been more of a national security concern after a string of hacks against the fuel supplier Colonial Pipeline, meat giant JBS and perhaps thousands of others compromised after a breach at a large IT firm.įew people, if any, seem to grasp the breadth and cost of the scourge, as there are no legal requirements for victims to disclose when they pay hackers to unlock their network.Ransomware attacks, fueled by COVID-19 pandemic turbulence, have become a major money earner for cybercriminals, with the number of attacks rising in 2020. That, combined with the suspicion that most victims don’t report their digital extortion payments, makes it harder for law enforcement and security firms to combat attacks, or even understand how to fight them. JACK CABLE KREBS RANSOMWHERE 32M PAGETECHCRUNCH HOW TO That’s the impetus behind a project that Stanford University student and security researcher Jack Cable launched on Thursday, dubbed “ Ransomwhere,” a plan to track payments to bitcoin addresses associated with known ransomware gangs. “Having public transparency around the impact of ransomware, especially as we’re proposing and considering different actions to try to combat ransomware - we’ll need a way of seeing whether those actions actually work,” Cable said in an interview with CyberScoop.Ĭable, who besides his college studies works as a security architect at the Krebs-Stamos Group consultancy and a hacker at the Defense Department’s Defense Digital Service, said he will head the crowdsourcing project in his spare time. He’s also hoping to team up with other security and blockchain analysis companies that track ransomware data via other means.Ī June tweet about the ransomware data gap from Katie Nickels, director of intelligence for cybersecurity company Red Canary, helped inspire Ransomwhere, Cable said. He’s been working to build a starting trove of information since, tracking nearly $57 million in payments so far. JACK CABLE KREBS RANSOMWHERE 32M PAGETECHCRUNCH DOWNLOADĪnyone can download the resulting database. In terms of total payments received, the NetWalker gang leads all-time in the data Cable has collected to date, with more than 3,000 payments compared to nearly 750 payments to Ryuk, the gang receiving the second most. Nickels told CyberScoop she thought that Cable’s idea “comes with some challenges,” namely in verifying the accuracy of data submitted to the site. She also said that while it might offer an avenue for organizations cautious about disclosing data to government agencies to share information, it won’t be a complete database. JACK CABLE KREBS RANSOMWHERE 32M PAGETECHCRUNCH DOWNLOAD.JACK CABLE KREBS RANSOMWHERE 32M PAGETECHCRUNCH HOW TO.
0 Comments
Leave a Reply. |