Ransomware, Iranian Hackers & Pornography

Ransomware gangs have increasingly focused on high-profile targets like large corporations and government institutions in the past year, according to Europol’s Internet Organised Crime Threat Assessment 2021 report, and Covid -19 has helped to fuel the increase in cyber crime.

Europol's report offers insights into current cyber crime trends in Europe, revealed that ransomware actors have taken advantage of widespread homeworking to launch more sophisticated and targeted attacks.

The accelerated digitalisation of everyday life related to the pandemic has significantly influenced the development of a number of cyber threats, including:

  • Ransomware affiliate programs enable a larger group of criminals to attack big corporations and public institutions by threatening them with multi-layered extortion methods such as DDoS attacks. 
  •  Mobile malware evolves with criminals trying to circumvent additional security measures such as two-factor authentication.  
  • Online shopping has led to a steep increase in online fraud. 
  • Explicit self-generated sexual material is an increasing concern and is distributed for profit.
  • Criminals continue to abuse legitimate services such as VPNs, encrypted communication services and crypto-currencies. 

Now, Microsoft researchers have discovered that as many as six different Iranian hacker groups are behind several new waves of ransomware attacks that have been identified every six to eight weeks since the end of 2020. 

The Iranian hackers are allegedly deploying ransomware to disrupt targets or to collect funds. Microsoft says that the hacking groups are persistent and prepared to use aggressive brute-force attacks to achieve their goals. According to Microsoft, the most consistent of the groups tracked by the cybersecurity firm is called Phosphorus or APT35 and they have ben tracking the group for the past two years.

Phosphorus was initially known for cyber espionage, however, the group has shifted towards ransomware attacks using Microsoft’s Windows disk-encryption tool BitLocker to encrypt victim files.

Europol have also highlighted the growing use of multi-layered extortion methods to extort service providers, financial institutions and businesses, such as DDoS attacks. Additionally, they observed that cyber-criminals have increasingly recognised the potential to attack a large number of organisations via supply chain attacks, often targeting the ‘weakest link.’ The Kaseya  and SolarWinds incidents are prominent examples of this trend.  

Another concerning finding in the report was an “alarming” rise in self-produced explicit material of children online.

This has been driven by increased unsupervised internet use by children in the pandemic. The authors said children were frequently lured into producing and sharing explicit material of themselves by offenders using fake identities on gaming platforms and social media sites. Additionally, some offenders recorded or captured victims performing live-streamed sexual acts for them without the victims’ knowledge.

  • Other notable trends in the past year included fraudsters continuing to leverage the COVID-19 crisis and increased online shopping to scam victims.
  • There has also been an evolution in mobile malware, with cyber criminals trying to find ways to circumvent additional security measures such as two-factor authentication.

Microsoft's findings suggest that the adoption of ransomware has supported Iranian hackers' efforts in espionage, disruption and destruction and to support physical operations. Their well-stocked toolbox includes ransomware, disk wipers, mobile malware, phishing, password-spray attacks, mass exploitation of vulnerabilities and supply chain attacks.     

EUROPOL:     ZDNet:   Oodaloop:      Infosecurity Magazine:     BlackWeb:    Microsoft

You Might Also Read: 

Diving Into Th Dark Web:

 

« Cyber Effects On The Legal Profession
Non-Profit Organisations & Cyber Security »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

4Secure

4Secure

For over two decades, 4Secure has specialised in cyber security consultancy, safeguarding the worlds critical Infrastructure through securely bridging air gapped networks.

Cyber Security Academy - University of Southampton

Cyber Security Academy - University of Southampton

An industry/University partnership established to advance cyber security through world class research, teaching excellence, industrial expertise and training capacity.

CFC Underwriting

CFC Underwriting

CFC is a specialist insurance provider and a pioneer in emerging risk, including cyber insurance.

qSkills

qSkills

QSkills is an independent training provider specialized high-quality IT and IT management training courses including IT security.

Advanced Software Products Group (ASPG)

Advanced Software Products Group (ASPG)

ASPG offers a wide range of innovative mainframe software solutions for Data Security, Access Management, System Management and CICS productivity.

Bounga Informatics

Bounga Informatics

Bounga Informatics provides Digital Forensics, E-Discovery, and Endpoint Security software, hardware, and training in Singapore and other countries in Asia Pacific.

Keepnet Labs

Keepnet Labs

Keepnet Labs is a phishing defence platform that provides a holistic approach to people, processes and technology to reduce breaches and data loss and presents anti-phishing solutions.

Cytelligence

Cytelligence

Cytelligence is a cyber security consulting company with deep expertise in Cyber Breach Response, Cyber Breach Investigations, and Digital Forensics.

Arctic Wolf Networks

Arctic Wolf Networks

Arctic Wolf Networks delivers the industry-leading security operations center (SOC)-as-a-service that redefines the economics of cybersecurity.

Abion

Abion

At Abion (formerly BRANDIT), we empower your business by providing comprehensive brand protection and web security services.

InfoLock

InfoLock

Infolock are experts in data governance, providing consulting and advisory services that help organizations effectively secure, manage, and optimize their data.

New Net Technologies (NNT)

New Net Technologies (NNT)

NNT SecureOps provides ultimate protection against all forms of cyberattack and data breaches by automating the essential security controls.

Noblis

Noblis

Noblis is a dynamic science, technology, and strategy organization dedicated to creating forward-thinking technical and advisory solutions in the public interest.

CodeLock

CodeLock

Codelock is a patent-pending solution that continuously provides software security at the code level, while providing advanced management insights with performance metrics and data analytics.

Systal Technology Solutions

Systal Technology Solutions

Systal is a global managed network and security service and transformation specialist. We help enterprise-level businesses maximise the security and business value of their complex IT infrastructure.

Illustria

Illustria

Illustria is your agent-less “watchdog” for all open source libraries. Our mission is becoming a dev-velocity company, enabled via cyber security.