Home / Technology / Hackers steal 26 MILLION Apple, Amazon and Facebook logins after accessing 3.5 million PCs

Hackers steal 26 MILLION Apple, Amazon and Facebook logins after accessing 3.5 million PCs



The U.S. Department of Justice is raising the investigation of ransomware attacks to a similar priority as terrorism in the wake of the Colonial Pipeline hack and increasing damage caused by cybercriminals, a senior department head told Reuters.

Internal guidance sent Thursday to U.S. law firms across the country said information on ransomware investigations in the field should be coordinated centrally with a newly established task force in Washington.

The letter was sent to Deputy Attorney Lisa Monaco and was entitled ‘Guidance regarding investigations and cases related to Ransomware and digital extortion’, according to Cyber ​​Scoop News who received a copy of the letter.

“Recent ransomware attacks ̵

1; including last month’s attack on the Colonial Pipeline – underscore the growing threat that ransomware and digital blackmail pose to the nation, and the destructive and devastating consequences ransomware attacks can have on critical infrastructure,” Monoco wrote in the letter.

John Carlin, acting deputy lawyer at the Ministry of Justice, told Reuters that the guidelines are 'a specialized process to ensure that we track all ransom cases'.

John Carlin, acting deputy lawyer at the Ministry of Justice, told Reuters that the guidelines are ‘a specialized process to ensure that we track all ransom cases’.

Internal guidance sent Thursday to U.S. law firms across the country said information on ransomware investigations in the field should be coordinated centrally with a newly established task force in Washington

Internal guidance sent Thursday to U.S. law firms across the country said information on ransomware investigations in the field should be coordinated centrally with a newly established task force in Washington

‘A key goal of the newly launched Ransomware and Digital Extortion Task Force is to ensure that we take full authority and resources to the department in meeting the many dimensions and root causes of this threat.’

The guide added: ‘To ensure that we can establish the necessary links across national and global issues and investigations, and to allow us to develop a comprehensive picture of the national and economic security threats we face, we must improve and centralize our internal tracking. ‘

John Carlin, acting deputy lawyer at the Ministry of Justice, told Reuters that the guidelines are ‘a specialized process to ensure that we track all ransom cases wherever they may be referred in this country, so you can make the connections between actors and work your way up to disrupt the entire chain. ‘

Last month, a cybercrime group that the US government said operates from Russia broke into a pipeline operator on the US east coast, locked the systems and demanded ransom. The hack caused a closure that lasted for several days, led to an increase in petrol prices, panic purchases and a localized shortage of fuel in the southeast.

Colonial Pipeline decided to pay the hackers who invaded their systems nearly $ 5 million to regain access, the company said.

The Justice Department’s decision to push ransom into this particular process illustrates how the issue is being prioritized, U.S. officials said.

“We have used this model around terrorism before, but never with ransom,” Carlin said. The process has usually been reserved for a short list of topics, including national security cases, legal experts said.

In practice, this means that investigators at US law firms dealing with ransomware attacks are expected to share both up-to-date case details and active technical information with executives in Washington.

Chris Krebs, former director of the Cybersecurity and Infrastructure Security Agency, tweeted about the news on Thursday.

‘This is a positive indication that we are getting serious about stopping ransomware. Much more needs to be done, but a change of direction is a good thing, he tweeted.

Krebs explained how the ransomware situation in the United States has worsened, calling the attacks ‘a profitable business model with low barriers to entry’ and noting that to date there have been no significant consequences for criminals or their hosts. ‘

He also claimed that the security situation of companies makes it ‘too easy for the bad guys’ while he speculates that the Russian government allows ransomware groups to flourish because it ‘builds a cyber work they can call later’ and ‘creates well-paid jobs’ to keep the country’s inhabitants ‘outside the streets. ‘

Krebs noted that the ransomware attacks also ‘undermine confidence in Western citizenship’ by their government’s ability to defend them.

The former federal official said he reviewed a letter from the Assistant National Security Adviser, in which Krebs said a number of things stood out – including the government’s assessment that ‘all companies are at stake’ and could be ransomware targets.

Chris Krebs, former director of the Cybersecurity and Infrastructure Security Agency, tweeted that the news shows that officials take the threats seriously

Chris Krebs, former director of the Cybersecurity and Infrastructure Security Agency, tweeted that the news shows that officials take the threats seriously

Chris Krebs, former director of the Cybersecurity and Infrastructure Security Agency, tweeted that the news shows that officials take the threats seriously

Chris Krebs, former director of the Cybersecurity and Infrastructure Security Agency, tweeted that the news shows that officials take the threats seriously

He tweeted that he ‘can not remember a letter like this’ from a senior White House official in the White House.

Krebs said that the government considers ‘all companies are at stake’ as ransom is opportunistic and that there is a risk of business disruption, not just theft.

The network security expert urged government officials to ‘use various tools of national power to determine the consequences for criminals and the countries that enable them’ and to make it more difficult to use cryptocurrencies for payments.

The White House warned business leaders and executives on Thursday to step up security measures to protect against attacks on ransomware after burglary disrupted operations also disrupted operations of a large meat packing company.

Anne Neuberger, cybersecurity adviser at the National Security Council, said in a letter that there has been a significant increase in the frequency and size of ransomware attacks.

‘Threats are serious and they are increasing. We ask you to take these critical steps to protect your organizations and the American public, ‘she added.

The latest cyberattacks have forced companies to view ransomware as a threat to their core business and not just data theft, as ransomware attacks have gone from stealing to disrupting operations, she said.

Strengthening the country’s resilience to cyberattacks was one of President Joe Biden’s top priorities, the White House said.

“But we can not do it alone,” White House Press Secretary Jen Psaki said Thursday. “Business leaders have a responsibility to strengthen their cyber defenses to protect the American public and our economy.”

No companies, large or small, are safe from ransomware attacks, Neuberger told business.

The letter came after a large meat packer resumed US operations on Wednesday after a ransomware attack that disrupted meat production in North America and Australia.

A Russia-affiliated hacking group known as REvil and Sodinokibi was behind the cyber attack on JBS SA, a source familiar with the matter told Reuters.

The cyber attack followed a recent month by a group with ties to Russia on the Colonial Pipeline, the largest fuel pipeline in the United States, which paralyzed the supply of fuel for several days in the southeastern United States.

Biden believes Russian President Vladimir Putin has a role to play in preventing these attacks and plans to raise the issue during the summit this month, Psaki said.

Neuberger’s letter outlined immediate steps companies can take to protect themselves from ransomware attacks, which can have ripple effects far beyond the company and its customers.

These include best practices such as multifactor authentication, endpoint detection and response, encryption and a skilled security team. Businesses should back up data and regularly test systems, as well as update and repair systems quickly.

Neuberger advised companies to test incident response plans and use a third party to test the safety team’s work.

She said it was important that business functions and production operations run on separate networks.


Source link