In this dialogue, Simone Petrella, president of N2K, teams up with Lee Parrish, Chief Information Security Officer at Newell Brands. They explore the dark world of ransomware, spotlighting the notorious DeathGrip platform and recent law enforcement successes against cybercriminals. Simone and Lee delve into governance in the cybersecurity landscape, discussing insights from Lee's book, 'The Shortest Hour.' They also touch on the growing challenges posed by AI-generated scams, particularly affecting crafters on platforms like Etsy.
The takedown of the Dispossessor ransomware group, linked to a decentralized structure, demonstrates the persistent and evolving threat of cybercrime.
Orion SA's $60 million loss from a business email compromise highlights the critical need for enhanced employee training in cybersecurity practices.
Deep dives
International Crackdown on Ransomware Groups
A significant international law enforcement operation has dismantled the ransomware group Dispossessor, suspected to be a rebranded version of Lockbit. This coordinated effort involved multiple agencies, including the FBI and the National Crime Agency, leading to the seizure of over 30 servers and domains across the US, UK, and Germany. Dispossessor, which emerged in August 2023, was linked to attacks on numerous companies globally, utilizing a ransomware as a service model that allowed affiliates to execute wide-ranging cyberattacks. While this takedown presents a major setback for the group, its decentralized structure poses ongoing challenges for law enforcement in completely eliminating their operations, highlighting the persistent threat of ransomware in the cyber landscape.
Impact of Business Email Compromise
Luxembourg-based Orion SA reported a significant financial loss of $60 million from a business email compromise incident, where an employee was misled into authorizing fraudulent wire transfers. Despite the financial blow, Orion's overall operations remain unaffected, as they have not experienced any system breaches during the incident. The company has approached law enforcement and is exploring various options to recover the funds, including insurance claims. This incident underscores the vulnerability of organizations to sophisticated phishing schemes, prompting a critical need for enhanced awareness and training among employees regarding cybersecurity practices.
Emergence of New Ransomware Platforms
The rise of DeathGrip, a new ransomware-as-a-service platform, illustrates the increasing accessibility of sophisticated cybercrime tools, making it easier for less technically skilled criminals to conduct attacks. Promoted on underground forums, DeathGrip is equipped with advanced tools that enable users to launch effective ransomware operations with minimal expertise. Real-world incidents linked to DeathGrip have already raised alarms about its capability to inflict substantial damage on businesses and individuals alike. This proliferation of such platforms highlights the urgent need for strengthened cybersecurity measures, including regular updates and comprehensive training for employees to mitigate the risks associated with these evolving threats.
The FBI is the repossessor of Dispossessor. The NCA collars and extradites a notorious cybercriminal. A German company loses sixty million dollars to business email compromise. DeathGrip is a new Ransomware-as-a-Service (RaaS) platform. Russia blocks access to Signal. NIST publishes post-quantum cryptography standards. DARPA awards $14 million to teams competing in the AI Cyber Challenge. On our Solution Spotlight, N2K President Simone Petrella talks with Lee Parrish, CISO of Newell Brands, about his book "The Shortest Hour: An Applied Approach to Boardroom Governance of Cyber Security". AI generates impossible code - for knitters and crocheters.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.
