cybercrime - All Articles - CISO Platform2024-03-29T12:04:40Zhttps://www.cisoplatform.com/profiles/blogs/feed/tag/cybercrimeNational Cybersecurity Plan Fails to Address Ransomwarehttps://www.cisoplatform.com/profiles/blogs/national-cybersecurity-plan-fails-to-address-ransomware2023-07-18T15:42:36.000Z2023-07-18T15:42:36.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><img src="https://storage.ning.com/topology/rest/1.0/file/get/12150417269?profile=RESIZE_400x&width=400"></div><div><p style="text-align:center;"><iframe title="YouTube video player" src="https://www.youtube.com/embed/4oSr-3dbHDg" width="560" height="315" frameborder="0" allowfullscreen=""></iframe></p><p class="pw-post-body-paragraph lc ld fw le b lf lg lh li lj lk ll lm ln lo lp lq lr ls lt lu lv lw lx ly lz fp bj">The US National Cybersecurity Strategy Implementation Plan fails to address ransomware.</p><p id="d026" class="pw-post-body-paragraph lc ld fw le b lf lg lh li lj lk ll lm ln lo lp lq lr ls lt lu lv lw lx ly lz fp bj">There is a real opportunity for the government to make significant progress in crushing the growing scourge of ransomware attacks which threaten businesses, individuals, and the range of Critical Infrastructures that all citizens rely upon. Although the 2023 National Cybersecurity Strategy specifically calls out ransomware, the recently released implementation plan comes up short.</p></div>Is the MSI Hack an IT Supply Chain Attack?https://www.cisoplatform.com/profiles/blogs/is-the-msi-hack-an-it-supply-chain-attack2023-04-25T16:41:58.000Z2023-04-25T16:41:58.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><img src="https://storage.ning.com/topology/rest/1.0/file/get/11036073661?profile=RESIZE_400x&width=400"></div><div><p class="graf graf--p">When I heard of the MSI compromise, I had similar fears of an IT supply chain attack. However, after walking the logic and high-level details I felt that the current attack was unlikely a sophisticated play to compromise downstream consumers of MSI products.</p><p class="graf graf--p">The cybersecurity risk assessment logic:</p><p class="graf graf--p">Although adding a trojan to an update file is easy, firmware exploitation that includes remote telemetry, backdoors, and software surveillance is much more challenging, certainly difficult enough to require significant time, development, and testing resources — something likely a nation-state would be willing to commit and able to accomplish.</p><p class="graf graf--p">A ransomware/data breach of a hardware/firmware organization is a much simpler matter. Compromise the system, exfiltrate the data, and encrypt key data systems. This is the happy domain of cyber criminals looking for a quick payout.</p><p class="graf graf--p">Ransomware activities are loud, brash, and obvious. Whereas if an attacker spent the requisite effort to compromise the firmware with the intent of a supply chain attack, they would want to be as clandestine and stealthy as possible, so victims remain unsuspecting for the longest possible time.</p><p class="graf graf--p">MSI was confronted with ransomware and extortion demands. If we apply Occam’s razor and look at the least complicated scenario, then it seems like they have been victimized by cybercriminals seeking personal financial gain and not a nation-state looking to conduct a sweeping supply chain attack against MSI customers.</p><p class="graf graf--p">Theories are great, but I am really glad the Eclypsium team took a look at the actuary low-level data to confirm. See their report at <a class="markup--anchor markup--p-anchor" href="https://eclypsium.com/blog/msi-incident-part-2-binary-analysis/" target="_blank">https://eclypsium.com/blog/msi-incident-part-2-binary-analysis/</a></p><p class="graf graf--p">But now that nation-states have access to MSI data, it seems like a great opportunity for them to explore if they could accomplish a supply-chain attack that meets their objectives. The exposure of MSI data has enabled more serious attackers. I fear this story is not over. If an aggressive nation chooses to develop a sophisticated exploit, the customers of MSI may be in real trouble!</p></div>Ransomware and the Ransom Problemhttps://www.cisoplatform.com/profiles/blogs/ransomware-and-the-ransom-problem2023-02-07T17:08:37.000Z2023-02-07T17:08:37.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><p style="text-align:center;"><iframe title="YouTube video player" src="https://www.youtube.com/embed/lzzInVAM6NQ" width="560" height="315" frameborder="0" allowfullscreen=""></iframe></p><p style="text-align:left;">Dr. Chase Cunningham (aka Dr Zero Trust) and I discuss the problem of ransomware and how the industry could potentially rid itself of this growing problem.</p></div>Lloyd’s New Cyber Insurance Exclusions Aim to Avoid Payouts from Nation State Hackshttps://www.cisoplatform.com/profiles/blogs/lloyd-s-new-cyber-insurance-exclusions-aim-to-avoid-payouts-from-2022-08-23T04:07:58.000Z2022-08-23T04:07:58.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><img src="https://storage.ning.com/topology/rest/1.0/file/get/10783864253?profile=RESIZE_400x&width=400"></div><div><p> </p><p style="text-align:center;"><iframe title="YouTube video player" src="https://www.youtube.com/embed/sz3q4BhtKEE" width="560" height="315" frameborder="0" allowfullscreen=""></iframe></p><p class="graf graf--p">The recent announcement by the insurance giant Lloyds of London, may be the biggest cybersecurity news of the year. It might not seem all that relevant, but strategically, this will likely shift the entire industry and politics of cybersecurity.</p><p class="graf graf--p">In the podcast, I go over the reasons behind the exclusions, how it impacts insurance customers, and what conditions are likely to be excluded.</p><p class="graf graf--p graf--empty"> </p><p class="graf graf--p"><strong class="markup--strong markup--p-strong">Links:</strong></p><p class="graf graf--p"><strong class="markup--strong markup--p-strong">Cybersecurity Insights channel: </strong><a class="markup--anchor markup--p-anchor" href="https://www.youtube.com/CybersecurityInsights" target="_blank">https://www.youtube.com/CybersecurityInsights</a></p><p class="graf graf--p"><strong class="markup--strong markup--p-strong">Lloyd’s Market Bulletin Y5381 State backed cyber-attack exclusions </strong><a class="markup--anchor markup--p-anchor" href="https://assets.lloyds.com/media/35926dc8-c885-497b-aed8-6d2f87c1415d/Y5381%20Market%20Bulletin%20-%20Cyber-attack%20exclusions.pdf" target="_blank">https://assets.lloyds.com/media/35926dc8-c885-497b-aed8-6d2f87c1415d/Y5381%20Market%20Bulletin%20-%20Cyber-attack%20exclusions.pdf</a></p></div>US Sanctions Blender.io for Supporting Terrorhttps://www.cisoplatform.com/profiles/blogs/us-sanctions-blender-io-for-supporting-terror2022-05-10T05:45:55.000Z2022-05-10T05:45:55.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><img src="https://storage.ning.com/topology/rest/1.0/file/get/10476489667?profile=RESIZE_400x&width=400"></div><div><p>US Treasury sanctions a cryptocurrency mixing site for supporting North Korean hackers who have been stealing hundreds of millions of dollars. Blender.io is a virtual currency mixing site that obfuscates the origins of cryptocurrency coin transactions. </p><p>Mixing services are privacy tools that malicious entities can also use for laundering illicit funds. In this case, the Lazarus Group, a North Korean government sponsored hacking group, recently stole $620 million worth of virtual tokens from the popular online game Axie Infinity. </p><p>It is normal practice for cryptocurrency exchange sites to band together to proactively block transactions from coins acquired by cyberattacks, thus making it very difficult for the thieves to swap them for other assets. Blender.io then processed over $20 million of those tokens, essentially laundering them, undermining legitimate sites from blocking their liquidation. This constitutes as support for terrorist activities which threaten national security interests, in direct violation of the Office of Foreign Assets Control (OFAC) rules.</p><p>When organizations support international crime and terrorism, they should be held accountable.</p><p><a href="https://home.treasury.gov/news/press-releases/jy0768">https://home.treasury.gov/news/press-releases/jy0768</a></p><p> </p></div>Ransomware is Funding Russian Aggressionhttps://www.cisoplatform.com/profiles/blogs/ransomware-is-funding-russian-aggression2022-05-01T03:10:42.000Z2022-05-01T03:10:42.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><img src="https://storage.ning.com/topology/rest/1.0/file/get/10451397669?profile=RESIZE_400x&width=400"></div><div><p class="graf graf--p">Ransomware attacks and payments are increasing, with most revenue going to Russian attackers. It is time to revisit outlawing Ransomware payments.</p><p class="graf graf--p">Some stats to hammer the situation home:</p><p class="graf graf--p"><a class="markup--anchor markup--p-anchor" href="https://news.sophos.com/en-us/2022/04/27/the-state-of-ransomware-2022" target="_blank">Sophos ransomware report</a> indicates:</p><p class="graf graf--p">- Ransom attacks are more frequent (66% of surveyed orgs indicated they were hit with ransomware in 2021 versus only 37% in 2020)</p><p class="graf graf--p">- Payments are higher (11% paid over $1 million versus only 4% in 2020), and more victims are paying the ransom (46% paid).</p><p class="graf graf--p">Now consider that according to <a class="markup--anchor markup--p-anchor" href="https://blog.chainalysis.com/reports/2022-crypto-crime-report-preview-russia-ransomware-money-laundering" target="_blank">ChainAnalysis</a> about 74% of ransomware revenue in 2021 are affiliated with Russia!</p><p class="graf graf--p">Yes, companies are inadvertently funding activities of Russia with ransomware! It is time we act. Sadly, we need regulation to force organizations to not fund the cybercriminals and nation state enemies!</p><p class="graf graf--p">It is time we outlaw ransomware payments, thereby creating a forcing function for better cybersecurity prevention and prohibiting funding of aggressive acts like the Russia war against Ukraine.</p><p class="graf graf--p">Yes, I know this idea is unpopular, but this is a hill I am willing to defend. Let the flaming begin.</p><p class="graf graf--p"><strong class="markup--strong markup--p-strong">Sources:</strong></p><p class="graf graf--p"><a class="markup--anchor markup--p-anchor" href="https://blog.chainalysis.com/reports/2022-crypto-crime-report-preview-russia-ransomware-money-laundering" target="_blank">https://blog.chainalysis.com/reports/2022-crypto-crime-report-preview-russia-ransomware-money-laundering</a></p><p class="graf graf--p"><a class="markup--anchor markup--p-anchor" href="https://news.sophos.com/en-us/2022/04/27/the-state-of-ransomware-2022" target="_blank">https://news.sophos.com/en-us/2022/04/27/the-state-of-ransomware-2022</a></p></div>How Cybersecurity Risks Must Be Fixed to Build Trust in Technology Innovationhttps://www.cisoplatform.com/profiles/blogs/how-cybersecurity-risks-must-be-fixed-to-build-trust-in-technolog2022-04-28T17:14:17.000Z2022-04-28T17:14:17.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><img src="https://storage.ning.com/topology/rest/1.0/file/get/10446138261?profile=RESIZE_400x&width=400"></div><div><p class="graf graf--p">Thanks to <a class="markup--anchor markup--p-anchor" href="https://dynamicciso.com/the-future-of-cyber-security-and-digital-trust/" target="_blank">DynamicCISO</a> for a great discussion about the changing landscape of cybersecurity and how we must all adapt to drive trust into the global digital ecosystem. The key to our success is to think ahead and show leadership in managing innovation for our benefit.</p><p class="graf graf--p">Topics:</p><ul class="postList"><li class="graf graf--li">State of cybersecurity: Threat Landscape, Preparedness of Enterprises, and Solution Landscape</li><li class="graf graf--li">Countering threats who leverage technology innovation</li><li class="graf graf--li">Why trust in digital tech is the key to future innovation</li><li class="graf graf--li">How to improve the culture of cybersecurity</li><li class="graf graf--li">The future of cybercrime and emerging threats</li></ul><p style="text-align:center;"><iframe title="YouTube video player" src="https://www.youtube.com/embed/En-D1AxGGbM" width="560" height="315" frameborder="0" allowfullscreen=""></iframe></p></div>Video – Announcing 2022 Cybersecurity Predictionshttps://www.cisoplatform.com/profiles/blogs/video-announcing-2022-cybersecurity-predictions2022-01-15T23:00:29.000Z2022-01-15T23:00:29.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><img src="https://storage.ning.com/topology/rest/1.0/file/get/10014880654?profile=RESIZE_400x&width=400"></div><div><p style="text-align:center;"><iframe title="YouTube video player" src="https://www.youtube.com/embed/P0bKgPtmTy0" width="560" height="315" frameborder="0" allowfullscreen=""></iframe></p><p class="hx hy fy hz b ia ib ic id ie if ig ih ii ij ik il im in io ip iq ir is it iu dn gv">2022 will be a very tumultuous year for cybersecurity professionals. The underlying fundamentals that drive major shifts of the cybersecurity industry — technologies, threats, and economic factors, will introduce new risks and combine to significantly increase the relevance and challenges of protecting digital assets and capabilities.</p><p class="hx hy fy hz b ia ib ic id ie if ig ih ii ij ik il im in io ip iq ir is it iu dn gv">Top 10 Cybersecurity Predictions</p><p id="cbbe" class="hx hy fy hz b ia ib ic id ie if ig ih ii ij ik il im in io ip iq ir is it iu dn gv">— <a class="dy mx" href="https://www.linkedin.com/pulse/10-cybersecurity-predictions-2022-matthew-rosenquist" target="_blank">LinkedIn article</a><br />— <a class="dy mx" href="https://matthew-rosenquist.medium.com/top-10-cybersecurity-predictions-for-2022-5373839b3bd3">Medium article</a><br />— <a class="dy mx" href="https://www.researchgate.net/profile/Matthew-Rosenquist/publication/357435475_2022_CYBERSECURITY_PREDICTIONS_-_10_INDUSTRY_PREDICTIONS/links/61ce36e4da5d105e550be9ec/2022-CYBERSECURITY-PREDICTIONS-10-INDUSTRY-PREDICTIONS.pdf" target="_blank">Download direct PDF</a></p></div>Cybersecurity Insights Video - Criminalizing Ransomware Payments with Malcolm Harkinshttps://www.cisoplatform.com/profiles/blogs/cybersecurity-insights-video-criminalizing-ransomware-payments-wi2022-01-05T21:53:24.000Z2022-01-05T21:53:24.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><img src="https://storage.ning.com/topology/rest/1.0/file/get/9984870073?profile=RESIZE_400x&width=400"></div><div><p class="graf graf--p">Ransomware is a growing scourge. Is it possible to eradicate this entire class of attacks? I think it is but in today’s Cybersecurity Insights interview I have a lively debate with Malcolm Harkins on criminalizing ransomware payments and different approaches to undermine Ransomware attacks!</p><p class="graf graf--p">I truly like vigorously debating cybersecurity issues with Malcolm. He brings great insights, passion, and experience to discussions with a willingness to aggressively debate in a constructive way.</p><p><iframe title="YouTube video player" src="https://www.youtube.com/embed/6LaK3KhB3gU" width="560" height="315" frameborder="0" allowfullscreen=""></iframe></p><p class="graf graf--p">We cover a lot of ground in our chat, including the potential merits of denying ransomware cybercriminals their prize by criminalizing payments, and explore other avenues to deter, protect, and prosecute ransomware attacks to mitigate risks.</p><p class="graf graf--p graf--empty"> </p><p class="graf graf--p">Special thanks to this week’s guest, Malcolm Harkins, whom you can follow on LinkedIn: <a class="markup--anchor markup--p-anchor" href="https://www.linkedin.com/in/malcolmharkins/" target="_blank">https://www.linkedin.com/in/malcolmharkins/</a></p><p class="graf graf--p graf--empty"> </p><p class="graf graf--p">Please click the Like button if you found this insightful and subscribe to the Cybersecurity Insights channel for more interviews, best-practices, rants, and strategic viewpoints. <a class="markup--anchor markup--p-anchor" href="https://www.youtube.com/c/CybersecurityInsights" target="_blank">https://www.youtube.com/c/CybersecurityInsights</a></p><p class="graf graf--p graf--empty"> </p><h4 class="graf graf--h4">Follow me on:</h4><ul class="postList"><li class="graf graf--li">LinkedIn: <a class="markup--anchor markup--li-anchor" href="https://www.linkedin.com/today/author/matthewrosenquist" target="_blank">https://www.linkedin.com/today/author/matthewrosenquist</a></li><li class="graf graf--li">Medium: <a class="markup--anchor markup--li-anchor" href="https://medium.com/@matthew.rosenquist" target="_blank">https://medium.com/@matthew.rosenquist</a> </li><li class="graf graf--li">Twitter (@Matt_Rosenquist): <a class="markup--anchor markup--li-anchor" href="https://twitter.com/Matt_Rosenquist" target="_blank">https://twitter.com/Matt_Rosenquist</a></li></ul><p> </p></div>Anti-Money Laundering Detection Tool on the Dark Webhttps://www.cisoplatform.com/profiles/blogs/anti-money-laundering-detection-tool-on-the-dark-web2021-08-24T16:38:37.000Z2021-08-24T16:38:37.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><p><iframe title="YouTube video player" src="https://www.youtube.com/embed/DNDF0Jvf2OI" width="560" height="315" frameborder="0" allowfullscreen=""></iframe></p><p class="graf graf--p">A new tool is gaining popularity on the dark web which provides insights to users if their cryptocurrency activity might be flagged by authorities as potentially illicit. Such a tool can provide cybercriminals the intelligence necessary to stay under-the-radar of law enforcement. Conversely, the tool may help law enforcement understand how to shift their threshold to catch those who are looking to evade detection!</p><p class="graf graf--p graf--empty"> </p><p class="graf graf--p">Please click the Like button if you found this insightful and subscribe to the Cybersecurity Insights channel for more best-practices, rants, and strategic viewpoints. <a class="markup--anchor markup--p-anchor" href="https://www.youtube.com/c/CybersecurityInsights" target="_blank">https://www.youtube.com/c/CybersecurityInsights</a></p><p class="graf graf--p">Follow me on:</p><ul class="postList"><li class="graf graf--li">LinkedIn: <a class="markup--anchor markup--li-anchor" href="https://www.linkedin.com/today/author/matthewrosenquist" target="_blank">https://www.linkedin.com/today/author/matthewrosenquist</a></li><li class="graf graf--li">Medium: <a class="markup--anchor markup--li-anchor" href="https://medium.com/@matthew.rosenquist" target="_blank">https://medium.com/@matthew.rosenquist</a></li><li class="graf graf--li">Twitter (@Matt_Rosenquist): <a class="markup--anchor markup--li-anchor" href="https://twitter.com/Matt_Rosenquist" target="_blank">https://twitter.com/Matt_Rosenquist</a></li></ul></div>600 Million Differences Between Hackers and Cybercriminalshttps://www.cisoplatform.com/profiles/blogs/600-million-differences-between-hackers-and-cybercriminals2021-08-16T16:46:19.000Z2021-08-16T16:46:19.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><p><iframe title="YouTube video player" src="https://www.youtube.com/embed/AjjOSdOgpFg" width="560" height="315" frameborder="0" allowfullscreen=""></iframe></p><p class="graf graf--p">There are 600 Million Differences Between Hackers and Cybercriminals…</p><p class="graf graf--p">An amazing story is emerging from a massive cryptocurrency exploitation that exemplifies the difference between a ‘hacker’ and a ‘cybercriminal’.</p><p class="graf graf--p"> </p><p class="graf graf--p"> </p><p>Interested in more cybersecurity insights, rants, and strategic viewpoints? </p><p>Subscribe to the Cybersecurity Insights channel on YouTube: <a href="https://www.youtube.com/c/CybersecurityInsights">https://www.youtube.com/c/CybersecurityInsights</a></p><p> </p><p>Follow me on:</p><ul><li>LinkedIn: <a href="https://www.linkedin.com/today/author/matthewrosenquist">https://www.linkedin.com/today/author/matthewrosenquist</a></li><li>Medium: <a href="https://medium.com/@matthew.rosenquist">https://medium.com/@matthew.rosenquist</a></li><li>Twitter (@Matt_Rosenquist): <a href="https://twitter.com/Matt_Rosenquist">https://twitter.com/Matt_Rosenquist</a></li></ul></div>Arguments Against Criminalizing Ransomware Paymentshttps://www.cisoplatform.com/profiles/blogs/arguments-against-criminalizing-ransomware-payments2021-08-11T20:35:01.000Z2021-08-11T20:35:01.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><img src="https://storage.ning.com/topology/rest/1.0/file/get/9410068262?profile=RESIZE_400x&width=400"></div><div><p style="text-align:center;"><iframe title="YouTube video player" src="https://www.youtube.com/embed/Q33o6Kj0W6E" width="560" height="315" frameborder="0" allowfullscreen=""></iframe></p><p class="graf graf--p">The goal is to effectively end ransomware as a significant cybersecurity risk for everyone. In exploring the different strategic options, one path has emerged superior, in which the flow of money to the ransomware attackers is essentially stopped. The only way to make that happen consistently is to compel the victims to not pay by making it a criminal act. However, not everyone agrees.</p><p class="graf graf--p">In my discussions with many experts across a range of disciplines, the same arguments would emerge and be debated. This is an exhaustive list of those arguments and the discussions that continue to support the premise that criminalizing ransomware payments is the best option.</p><img class="graf-image align-center" src="https://cdn-images-1.medium.com/max/800/1*iEQcc2e5s_ZzC0i65CTMDw.png" alt="1*iEQcc2e5s_ZzC0i65CTMDw.png" /><p class="graf graf--p">In this video I discuss and address the most common arguments against criminalizing ransomware payments, in the hope we can come to a consensus for what may be the best path forward to end ransomware.</p><h3 class="graf graf--h3"><strong class="markup--strong markup--h3-strong">Argument Jump Points:</strong></h3><ul class="postList"><li class="graf graf--li">11:03 #1 — Not possible to enact such a law</li><li class="graf graf--li">12:48 #2 — Can’t enforce such a law</li><li class="graf graf--li">19:12 #3 — Won’t seriously restrict the flow of money to the cybercriminals</li><li class="graf graf--li">22:31 #4 — Not be effective in reducing the risks</li><li class="graf graf--li">25:42 #5 — It should be the victim’s choice to pay, as it is their business and money</li><li class="graf graf--li">28:58 #6 — Would force some victims out of business</li><li class="graf graf--li">33:36 #7 — Unfair to SMB’s, who can’t afford security</li><li class="graf graf--li">35:50 #8 — Removes a critical option for organizations, necessary to stay in business</li><li class="graf graf--li">39:00 #9 — Would create too great a national/regional impact for critical systems down for extended periods</li><li class="graf graf--li">3:18 #10 — Building better security mitigation capabilities</li><li class="graf graf--li">7:16 #11 — Outlawing cryptocurrency</li><li class="graf graf--li">52:04 #12 — A partial ban on payments or ‘special circumstances’ allowing payment as a compromise</li><li class="graf graf--li">54:38 #13 — Improving law enforcement capabilities to catch the attackers</li><li class="graf graf--li">58:32 #14 — Employing the military to protect everyone from attacks</li></ul><p class="graf graf--p">We must act. Ransomware will not go away on its own and the cybersecurity products and services have been unable to curb the massive growth of this problem.</p><img class="graf-image align-center" src="https://cdn-images-1.medium.com/max/800/1*IsBgxM2JaL9ePbLPWUh9AA.png" alt="1*IsBgxM2JaL9ePbLPWUh9AA.png" /><p class="graf graf--p">We must select the best strategic solution, that meets the clear success criteria, and move to implement as quickly as possible to reverse the growing impacts of ransomware.</p><h3 class="graf graf--h3"><strong class="markup--strong markup--h3-strong">Ransomware Explained Series:</strong></h3><ul class="postList"><li class="graf graf--li">End Ransomware by Criminalizing Ransomware Payments: <a class="markup--anchor markup--li-anchor" href="https://www.youtube.com/watch?v=7AlMdkaL6II" target="_blank">https://www.youtube.com/watch?v=7AlMdkaL6II</a></li><li class="graf graf--li">Understanding the Attackers: <a class="markup--anchor markup--li-anchor" href="https://www.youtube.com/watch?v=n2gGq26fgxA" target="_blank">https://www.youtube.com/watch?v=n2gGq26fgxA</a></li><li class="graf graf--li">Success Criteria for Ending Ransomware: <a class="markup--anchor markup--li-anchor" href="https://www.youtube.com/watch?v=aeqAeTUnyeo" target="_blank">https://www.youtube.com/watch?v=aeqAeTUnyeo</a></li><li class="graf graf--li">Demotivating Ransomware Attackers by Ending Ransom Payments: <a class="markup--anchor markup--li-anchor" href="https://www.youtube.com/watch?v=E8bpG6zl7Xg" target="_blank">https://www.youtube.com/watch?v=E8bpG6zl7Xg</a></li></ul></div>Demotivating Ransomware Attackers by Ending Ransom Paymentshttps://www.cisoplatform.com/profiles/blogs/demotivating-ransomware-attackers-by-ending-ransom-payments2021-08-05T19:31:40.000Z2021-08-05T19:31:40.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><img src="https://storage.ning.com/topology/rest/1.0/file/get/9385362655?profile=RESIZE_400x&width=400"></div><div><p><iframe title="YouTube video player" src="https://www.youtube.com/embed/E8bpG6zl7Xg" width="560" height="315" frameborder="0" allowfullscreen=""></iframe></p><p class="graf graf--p">Outlawing payments will result in the abandonment of ransomware attacks. By stopping the flow of money, we can demotivate cybercriminals who will shift to other activities that are more profitable than ransomware. We don’t need to stop all types of ransomware attacks for every potential victim. It is better to dissuade attackers from committing attacks in the first place.</p><p class="graf graf--p">In today’s video, I discuss the logic of how criminalizing ransomware payments will affect attackers to abandon these attacks. I break down how it works and what to expect.</p><p class="graf graf--p">More details on how criminalizing ransomware payments creates a chain-reaction that ends ransomware: <a class="markup--anchor markup--p-anchor" href="https://www.youtube.com/watch?v=7AlMdkaL6II" target="_blank">https://www.youtube.com/watch?v=7AlMdkaL6II</a></p><p class="graf graf--p graf--empty"> </p><p class="graf graf--p">Thanks for watching. Let’s communicate and collaborate. That is how we make cybersecurity strong in protecting the global digital ecosystem. Share your thoughts and concerns in the comments section!</p><p class="graf graf--p">I put out a new video every week on various cybersecurity topics, risks, ideas, events, and best practices. If you like these cybersecurity videos and are interested in more cybersecurity insights, rants, and strategic viewpoints, please click the Like button and Subscribe to the Cybersecurity Insights channel! <a class="markup--anchor markup--p-anchor" href="https://www.youtube.com/c/CybersecurityInsights" target="_blank">https://www.youtube.com/c/CybersecurityInsights</a></p><p class="graf graf--p">Follow me on:</p><ul><li>LinkedIn: <a class="markup--anchor markup--p-anchor" href="https://www.linkedin.com/today/author/matthewrosenquist" target="_blank">https://www.linkedin.com/today/author/matthewrosenquist</a></li><li>Medium: <a class="markup--anchor markup--p-anchor" href="https://medium.com/@matthew.rosenquist" target="_blank">https://medium.com/@matthew.rosenquist</a></li><li>Twitter (@Matt_Rosenquist): <a class="markup--anchor markup--p-anchor" href="https://twitter.com/Matt_Rosenquist" target="_blank">https://twitter.com/Matt_Rosenquist</a></li></ul></div>This is How to End Ransomwarehttps://www.cisoplatform.com/profiles/blogs/this-is-how-to-end-ransomware2021-07-27T20:26:39.000Z2021-07-27T20:26:39.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><img src="https://storage.ning.com/topology/rest/1.0/file/get/9319976691?profile=RESIZE_400x&width=400"></div><div><p style="text-align:center;"><iframe title="YouTube video player" src="https://www.youtube.com/embed/7AlMdkaL6II" width="560" height="315" frameborder="0" allowfullscreen=""></iframe></p><p><span>W</span>e can rid the world of ransomware attacks to such an extent they are no longer a likely risk vector! It is possible, but we all have to work together.</p><p><span>This is not a sales pitch; in fact, I explain why no product or service can truly deliver us from the tightening jaws of ransomware. This is an exploration of an idea that will deliver all the criteria of success for the world to collaboratively end ransomware!</span></p><p><span>It all starts with one simple concept: criminalize the payments of digital ransoms.</span></p><p><span>It is controversial proposal.</span></p><p><span>The act of establishing a criminal law prohibiting the payment of ransoms will start a chain reaction that will ultimately end in the undermining of ransomware attacks across the globe.</span></p><p><span><a href="{{#staticFileLink}}9319895464,original{{/staticFileLink}}"><img class="align-center" src="{{#staticFileLink}}9319895464,RESIZE_710x{{/staticFileLink}}" width="710" alt="9319895464?profile=RESIZE_710x" /></a></span></p><p class="graf graf--p">The key is how one act will set in motion a cascading chain of events, like dominoes falling one after another, to reach our goals. This video explains the 10 steps that will happen.</p><p class="graf graf--p">In today’s video, I break down that cascading set of events that would reverse the incredible growth trend of this digital attack and end ransomware as we know it. Be sure to stay for the end, where I list all the arguments against this idea, gathered from discussions with peers. I will dispel them all in next week’s video.</p><p class="graf graf--p">This video explains the 10 steps that will happen:<br /> 0:00 End Ransomware for Everyone<br /> 2:40 Relevance & Complexity Factors<br /> 4:50 Success Criteria<br /> 7:20 Plan Proposal<br /> 8:34 Phases of Success <br /> 10:16 Step 1 — Law is Passed <br /> 11:50 Step 2 — Grace Period Ends <br /> 17:13 Step 3 — Money Flow Constricts <br /> 20:19 Step 4 — Attacker Desperation <br /> 22:52 Step 5 — Attacks Decrease <br /> 24:24 Step 6 — Solutions & Enforcement Rise <br /> 27:16 Step 7 — Success is Promoted <br /> 31:17 Step 8 — Attackers Shift Targets <br /> 32:29 Step 9 — Other Nations Follow <br /> 33:27 Step 10 Ransomware is History <br /> 36:45 Arguments Against (primer for next video)</p><p class="graf graf--p">Let’s walk the logic and think strategically several moves ahead.</p><p class="graf graf--p">The ability to undermine ransomware is within our grasp!</p><p class="graf graf--p graf--empty"> </p><p class="graf graf--p">Thanks for watching. Let’s communicate and collaborate together. That is how we make cybersecurity strong in protecting the global digital ecosystem.</p><p class="graf graf--p">I put out a new video about every week on various cybersecurity topics, risks, ideas, events and best practices. If you like these cybersecurity videos and are interested in more cybersecurity insights, rants, and strategic viewpoints, please click the Like button and Subscribe to the Cybersecurity Insights channel! <a class="markup--anchor markup--p-anchor" href="https://www.youtube.com/c/CybersecurityInsights" target="_blank">https://www.youtube.com/c/CybersecurityInsights</a></p><p class="graf graf--p"> </p></div>Why REvil Ransomware Group Suddenly Disappearedhttps://www.cisoplatform.com/profiles/blogs/why-revil-ransomware-group-suddenly-disappeared2021-07-20T16:07:01.000Z2021-07-20T16:07:01.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><img src="https://storage.ning.com/topology/rest/1.0/file/get/9280853899?profile=RESIZE_400x&width=400"></div><div><p><iframe title="YouTube video player" src="https://www.youtube.com/embed/C9AS8KiH-FA" width="560" height="315" frameborder="0" allowfullscreen=""></iframe></p><p class="graf graf--p">The notorious REvil ransomware cybercriminal group suddenly disappeared without explanation, spurring lots of speculation in the cybersecurity community. In this week’s video, we go over the results of a recent poll among security professionals that revealed what they believed was behind the REvil’s disappearance and if they will be back.</p><p class="graf graf--p graf--empty"> </p><p class="graf graf--p">Interested in more cybersecurity insights, rants, and strategic viewpoints?</p><p class="graf graf--p">Subscribe to the Cybersecurity Insights channel on YouTube: <a class="markup--anchor markup--p-anchor" href="https://www.youtube.com/c/CybersecurityInsights" target="_blank">https://www.youtube.com/c/CybersecurityInsights</a></p><p>Follow me on:</p><ul><li class="graf graf--p">LinkedIn: <a class="markup--anchor markup--p-anchor" href="https://www.linkedin.com/today/author/matthewrosenquist" target="_blank">https://www.linkedin.com/today/author/matthewrosenquist</a></li><li class="graf graf--p">Medium: <a class="markup--anchor markup--p-anchor" href="https://medium.com/@matthew.rosenquist" target="_blank">https://medium.com/@matthew.rosenquist</a></li><li class="graf graf--p">Twitter (@Matt_Rosenquist): <a class="markup--anchor markup--p-anchor" href="https://twitter.com/Matt_Rosenquist" target="_blank">https://twitter.com/Matt_Rosenquist</a></li></ul></div>Ransomware Explained - Ending Ransomwarehttps://www.cisoplatform.com/profiles/blogs/ransomware-explained-ending-ransomware2021-07-14T22:32:13.000Z2021-07-14T22:32:13.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><img src="https://storage.ning.com/topology/rest/1.0/file/get/9249205664?profile=RESIZE_400x&width=400"></div><div><p><iframe title="YouTube video player" src="https://www.youtube.com/embed/aeqAeTUnyeo" width="560" height="315" frameborder="0" allowfullscreen=""></iframe></p><p class="graf graf--p">Stopping ransomware from being an impactful menace is the grand goal, but what are the specific criteria for success we should be striving for? Without clear objectives, we are often consumed with trivial aspects and never attain the desired end-state.</p><p class="graf graf--p">Let’s stop thrashing with tactical actions that won’t deliver our goal.</p><p class="graf graf--p">In today’s video I take a shot at clearly defining the success criteria so we can properly evaluate our strategic options and determine how best to end ransomware!</p><img class="graf-image" src="https://cdn-images-1.medium.com/max/800/1*GqFTvlSx9cQxhtJv9YOhAQ.png" alt="1*GqFTvlSx9cQxhtJv9YOhAQ.png" /><p class="graf graf--p">Success Criteria for Ending Ransomware</p><p class="graf graf--p">Let me know if you agree of if I have missed anything!</p><p class="graf graf--p graf--empty"> </p><p class="graf graf--p">This video is the latest installment of a multi-part series on Ransomware. The series is available on the <a class="markup--anchor markup--p-anchor" href="https://www.youtube.com/c/CybersecurityInsights" target="_blank">Cybersecurity Insights</a> YouTube Channel.</p><p class="graf graf--p">We must all communicate and collaborate to determine how best to understand and defeat ransomware.</p></div>Ransomware Explained - 3 Fundamental Ways to Stop Cyberattackshttps://www.cisoplatform.com/profiles/blogs/ransomware-explained-3-fundamental-ways-to-stop-cyberattacks2021-07-06T22:22:53.000Z2021-07-06T22:22:53.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><p> </p><p><iframe title="YouTube video player" src="https://www.youtube.com/embed/dQUa4XyLYG0" width="560" height="315" frameborder="0" allowfullscreen=""></iframe></p><p>There are only 3 fundamental ways to stop attacks from motivated and intelligent adversaries.</p><p>Let’s identify and explore those options, and discuss how they may be applied to undermine Ransomware.</p><p> </p><p>This video is the latest installment of a multi-part series on Ransomware. The series is free on the <a href="https://www.youtube.com/c/CybersecurityInsights">Cybersecurity Insights</a> YouTube Channel. <br />
<br />
Industry, business, and government professionals must share, learn, and collaborate to grow our ability to defend against evolving cyberthreats.</p><p>We must work together to determine how best to understand and defeat ransomware.</p><p>I urge everyone to subscribe and watch all the videos for strategic insights that fuel the ransomware events unfolding in the news and impacting us all. </p><p><a href="https://www.youtube.com/c/CybersecurityInsights">https://www.youtube.com/c/CybersecurityInsights</a></p></div>Ransomware Cybersecurity Fireside Chathttps://www.cisoplatform.com/profiles/blogs/ransomware-cybersecurity-fireside-chat2021-06-29T19:32:47.000Z2021-06-29T19:32:47.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><img src="https://storage.ning.com/topology/rest/1.0/file/get/9159039888?profile=RESIZE_400x&width=400"></div><div><p><iframe title="YouTube video player" src="https://www.youtube.com/embed/FbZzPFp18bQ" width="560" height="315" frameborder="0" allowfullscreen=""></iframe></p><p>In today’s fireside chat, we discuss the relevance, proactive, and reactive considerations every organization should consider as they face Ransomware. I am joined by Alex Rayter, Principal at Phoenix 2.0, and Justin Daniels, Corporate Cybersecurity and Data Protection Attorney at Baker Donelson. </p><p> </p><p><span style="font-family:helvetica;">Interested in more cybersecurity insights, rants, and strategic viewpoints? </span></p><p><span style="font-family:helvetica;">Subscribe to the Cybersecurity Insights channel on YouTube: <a href="https://www.youtube.com/c/CybersecurityInsights">https://www.youtube.com/c/CybersecurityInsights</a></span></p><p><span style="font-family:helvetica;">Follow me on:</span></p><ul><li><p><span style="font-family:helvetica;">LinkedIn: <a href="https://www.linkedin.com/today/author/matthewrosenquist">https://www.linkedin.com/today/author/matthewrosenquist</a></span></p></li><li><p><span style="font-family:helvetica;">Medium: <a href="https://medium.com/@matthew.rosenquist">https://medium.com/@matthew.rosenquist</a></span></p></li><li><p><span style="font-family:helvetica;">Twitter (@Matt_Rosenquist): <a href="https://twitter.com/Matt_Rosenquist">https://twitter.com/Matt_Rosenquist</a></span></p></li></ul></div>Ransomware Explained - Understanding the Attackershttps://www.cisoplatform.com/profiles/blogs/ransomware-explained-understanding-the-attackers2021-06-23T19:55:39.000Z2021-06-23T19:55:39.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><img src="https://storage.ning.com/topology/rest/1.0/file/get/9132904095?profile=RESIZE_400x&width=400"></div><div><p style="text-align:center;"><iframe title="YouTube video player" src="https://www.youtube.com/embed/n2gGq26fgxA" width="560" height="315" frameborder="0" allowfullscreen=""></iframe></p><p>Understanding the attackers is the first step in identifying an effective, efficient, and sustainable paths to mitigating the risks of ransomware.</p><p><br /> The root cause of ransomware resides with the people behind the attacks. Recognizing threat agent’s motivations, objectives, and capabilities provides necessary insights to what they will target and the likely methods they will employ to attack victims. Knowing the enemy can present great opportunities undermine, protect and respond to attacks.</p><p> </p><p>This video is the latest installment of a multi-part series on Ransomware. The series is free on the <a href="https://www.youtube.com/c/CybersecurityInsights">Cybersecurity Insights</a> YouTube Channel. <br /> <br /> Industry, business, and government professionals must share, learn, and collaborate to grow our ability to defend against evolving cyberthreats.</p><p>We must work together to determine how best to understand and defeat ransomware. I urge everyone to subscribe and watch all the videos for strategic insights that fuel the ransomware events unfolding in the news and impacting us all. </p></div>Ransomware Explained - Increasing Costs and Impacthttps://www.cisoplatform.com/profiles/blogs/ransomware-explained-increasing-costs-and-impact2021-06-15T17:55:35.000Z2021-06-15T17:55:35.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><img src="https://storage.ning.com/topology/rest/1.0/file/get/9095295462?profile=RESIZE_400x&width=400"></div><div><p>Ransomware risks are skyrocketing with increasing costs, more attacks, and greater impacts that are expanding to affect everyone!</p><p>It is a growing threat to organizations and national critical infrastructures connected to the Internet. Ransomware puts in jeopardy all the products, services, and basic functions that citizens depend upon every day. It can and will eventually impact everyone.</p><p style="text-align:center;"> <iframe title="YouTube video player" src="https://www.youtube.com/embed/7i8kPgo8Lus" width="560" height="315" frameborder="0" allowfullscreen=""></iframe></p><p>This is the first in a series of videos on Ransomware. I cover the growth, costs, critical impacts, and why paying ransoms is such a bad idea.</p><p>The ransomware menace will get much worse unless we collectively gain a better understanding of the threat and how to address the problem collectively.</p><p>The <a href="https://youtube.com/playlist?list=PLuIYhlNYyCmn0cCA6OqHqfL_qGSsizxBF">Ransomware Explained</a> video series will help shed light on the strategic aspects of this criminal activity and will spur interesting discussions!</p></div>Ransomware Explained Video Serieshttps://www.cisoplatform.com/profiles/blogs/ransomware-explained-video-series2021-06-09T23:12:49.000Z2021-06-09T23:12:49.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><img src="https://storage.ning.com/topology/rest/1.0/file/get/9070078472?profile=RESIZE_400x&width=400"></div><div><p>Ransomware is a rising threat to every organization, device, and person connected to the Internet. All the products, services, and critical infrastructures are at risk of being victimized. We are all being impacted by this type of cybercrime and it is only the beginning. </p><p><iframe title="YouTube video player" src="https://www.youtube.com/embed/VAtVWARHpxk" width="560" height="315" frameborder="0" allowfullscreen=""></iframe></p><p>The ransomware menace will get much worse unless we collectively gain a better understanding of the threat and how work collectively to address the problem.</p><p>The upcoming <a href="https://www.youtube.com/c/CybersecurityInsights">Ransomware Explained</a> video series will help shed light on the strategic aspects of this criminal activity and will spur interesting discussions!</p><p>In the coming weeks I will be developing the Ransomware Explained video series to cover topics like: </p><ul><li>The Increasing Costs and Impacts</li><li>Understanding the Attackers</li><li>The 3 Fundamental Ways of Stopping Cyberattacks</li><li>Ransomware’s Criminal Advantage</li><li>Adapting Tools and Tactics</li><li>How Attribution of Ransomware Attacks is Often Flawed</li><li>Why Ransomware is Targeting Critical Infrastructures</li><li>…and most importantly, that it is time to Choose a Path -- to Either Protect Ourselves Individually or End Ransomware Collectively</li></ul><p>Let me know if there is a specific ransomware topic you are interested in and would like me to cover.</p><p> </p><p>I will post the Ransomware Explained videos on the <a href="https://www.youtube.com/c/CybersecurityInsights">Cybersecurity Insights channel</a> (<a href="https://www.youtube.com/c/CybersecurityInsights">https://www.youtube.com/c/CybersecurityInsights</a>) and everyone is free to watch, comment, and discuss the topic. </p><p>We are all stronger when we work together. </p><p>Join me and I look forward to our collaborative discussions.</p></div>Paying Ransomware Should be Illegalhttps://www.cisoplatform.com/profiles/blogs/paying-ransomware-should-be-illegal2021-05-27T03:18:27.000Z2021-05-27T03:18:27.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><img src="https://storage.ning.com/topology/rest/1.0/file/get/8990414876?profile=RESIZE_400x&width=400"></div><div><p> </p><p><iframe title="YouTube video player" src="https://www.youtube.com/embed/CI_-fyxVuVQ" width="560" height="315" frameborder="0" allowfullscreen=""></iframe></p><p class="graf graf--p">Ransomware is a growing problem that must be STOPPED! Cybercriminals are accumulating fortunes by impacting individuals, businesses, critical systems, and digital services. Some victims are paying ransoms in the tens of millions of dollars.</p><p class="graf graf--p">In today’s video, I explore a radical option that strategically may defeat ransomware from the inside! I have surveyed the professional community and will chat about the challenges, objections, and opposition to outlawing victims from paying digital extortions to cybercriminals.</p><p class="graf graf--p graf--empty"> </p><p class="graf graf--p">You are welcome to vote in the LinkedIn poll and add your comments to the discussion: <a class="markup--anchor markup--p-anchor" href="https://www.linkedin.com/feed/update/urn%3Ali%3Aactivity%3A6801560466314399746/" target="_blank">https://www.linkedin.com/feed/update/urn%3Ali%3Aactivity%3A6801560466314399746/</a></p><p class="graf graf--p graf--empty"> </p><p class="graf graf--p">Interested in more cybersecurity insights, rants, and strategic viewpoints? Subscribe to the Cybersecurity Insights channel on YouTube: <a class="markup--anchor markup--p-anchor" href="https://www.youtube.com/c/CybersecurityInsights" target="_blank">https://www.youtube.com/c/CybersecurityInsights</a></p><p class="graf graf--p">Follow me on:</p><ul class="postList"><li class="graf graf--li">LinkedIn: <a class="markup--anchor markup--li-anchor" href="https://www.linkedin.com/today/author/matthewrosenquist" target="_blank">https://www.linkedin.com/today/author/matthewrosenquist</a></li><li class="graf graf--li">Medium: <a class="markup--anchor markup--li-anchor" href="https://medium.com/@matthew.rosenquist" target="_blank">https://medium.com/@matthew.rosenquist</a></li><li class="graf graf--li">Twitter (@Matt_Rosenquist): <a class="markup--anchor markup--li-anchor" href="https://twitter.com/Matt_Rosenquist" target="_blank">https://twitter.com/Matt_Rosenquist</a></li></ul></div>My interview on Cyber Crime published in news paper on 14th June, 2015https://www.cisoplatform.com/profiles/blogs/my-interview-on-cyber-crime-published-in-news-paper-on-14th-june2015-06-15T06:15:16.000Z2015-06-15T06:15:16.000ZAnuj Kumar Agarwalhttps://www.cisoplatform.com/members/AnujKumarAgarwal<div><p><a href="{{#staticFileLink}}8669801655,original{{/staticFileLink}}"><img width="750" src="{{#staticFileLink}}8669801655,original{{/staticFileLink}}" class="align-center" alt="8669801655?profile=original" /></a></p></div>Four Top Cyber Crime Trends - Recurring Trend In Cyber Security Incidentshttps://www.cisoplatform.com/profiles/blogs/four-top-cyber-crime-trends-recurring-trend-in-cyber-security-inc2017-06-14T06:30:00.000Z2017-06-14T06:30:00.000Zprithahttps://www.cisoplatform.com/members/pritha<div><p>This report gives insight into 4 key cyber security incident trends observed in 2015. Includes top insights and detailed analysis of each attack and how one could prevent their organisation from being a target as well as mitigation.</p>
<p><a href="https://docs.google.com/a/firecompass.com/forms/d/e/1FAIpQLSdBk8QZyQ_MzCFH6FnffGfKp9STF3nJyNB24MJ-Ag8odtVYGg/viewform" target="_blank">>> Download Report</a></p>
<p></p>
<p><a href="http://www.cisoplatform.com/profiles/blogs/four-top-cyber-crime-trends-recurring-trend-in-cyber-security-inc" target="_blank"><img width="430" src="{{#staticFileLink}}8669814880,original{{/staticFileLink}}" class="align-center" alt="8669814880?profile=original" /></a></p>
<p></p>
<p></p>
<p><strong><span class="font-size-5">Why Read This Report ?</span></strong></p>
<ul>
<li>4 Key Cyber Crime Trends</li>
<li>Factors that facilitate each attack</li>
<li>Impact of each type of attack</li>
<li>Preparation & Prevention strategies</li>
</ul>
<p></p>
<p></p>
<p><span class="font-size-5"><a href="https://docs.google.com/a/firecompass.com/forms/d/e/1FAIpQLSdBk8QZyQ_MzCFH6FnffGfKp9STF3nJyNB24MJ-Ag8odtVYGg/viewform" target="_blank">>> Download Report</a></span></p>
<p></p>
<p></p>
<p></p></div>Cryptocurrency Fraud Reached $4.3 Billion in 2019https://www.cisoplatform.com/profiles/blogs/cryptocurrency-fraud-reached-4-3-billion-in-20192020-02-18T17:52:48.000Z2020-02-18T17:52:48.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><p><a href="{{#staticFileLink}}8669830065,original{{/staticFileLink}}" target="_blank"><img src="{{#staticFileLink}}8669830065,original{{/staticFileLink}}" class="align-full" alt="8669830065?profile=original" /></a></p><p>Cryptocurrency fraud is aggressively on the rise and topped over $4 billion last year, according to the security tracking company Chainalysis.</p><p>This is especially shocking to those who thought they had found an incredible investment in the cryptocurrency world, yet were swindled out of everything. As part of these cryptocurrency scams, victims are lured into investing with the hype of significant returns. Once committed, they are often shown how their accounts are quickly accruing vast wealth, which encourages them to pour even more of their money into the con. The mirage eventually disappears, as does the money, when the operation shutters without notice and the swindlers vanish will all the deposits. Victims are left with the realization they were duped as part of an elaborate hoax and powerless to recover their money.</p><p>Chainalysis recently produced an industry report highlighting the scope of the problem. The organization specializes in helping businesses and governments understand illegal cryptocurrency transactions. The data showcases the rapid rise in 2019 of big Ponzi scams that represented the bulk of the losses. The top six of the large-scale scams were collectively responsible for about 90% of the fraud. It proves when cybercriminals find the right lure in the cryptocurrency community, such as a Ponzi style scam, the momentum quickly accelerates and draws more into the system, becoming massive in scale.</p><p> </p><p><span style="font-size:14pt;"><strong>Fraudsters like cryptocurrency</strong></span></p><p>Some of the beneficial attributes of cryptocurrency are being leveraged against those who aren’t mindful of the risks. Cryptocurrency has a reputation for a financial opportunity because of its history of volatile price swings, both high and low. Media has spotlighted many who have made considerable fortunes with meager beginnings. Scammers take advantage and reach out to this growing global community that desires fast riches, yet is very naïve with the risks. </p><p>The ability to transfer crypto tokens virtually, means they are everywhere but nowhere. Criminals understand this dichotomy and use it to their advantage. Once the money is in the hands of crooks, it begins a rapid journey across the digital landscape and into dark corners where it is hard to trace or impound. </p><p>Victims are often left with a total loss and little hope they will ever get any of their money back. For criminals, the potential of unimaginable gains, sometimes in the hundreds of millions of dollars or more, far exceeds the risk of being caught and prosecuted.</p><p> </p><p><span style="font-size:14pt;"><strong>Privacy, Regulations, and Law Enforcement on the edge</strong></span></p><p>Part of what makes these scams so attractive for cybercriminals to run is the ability to remain unidentified. The inherent anonymity of users is a challenge in the cryptocurrency world. Regulatory rules for Know Your Customer (KYC) and Anti-Money Laundering (AMC) are proliferating across legitimate exchanges and services, which greatly help identify fraudsters and increase accountability, but there is a lack of consistency and there are always workarounds. Other services promote their support for customer privacy and account anonymity, often finding loopholes or outright avoiding such requirements. </p><p>Many of these services are not intentionally malicious or fraudulent, but as part of their belief in the benefits of privacy, they are indirectly supporting potentially illicit activities. Overall, the vast majority of cryptocurrency transactions are legitimate and only a small minority of the overall transactions are tied to illegal activity. But criminals will use whatever tools available to shield themselves from accountability and prosecution. </p><p>Many in the crypto community, who are doing nothing illegal, greatly value their privacy and anonymity. They are attracted to services that don’t require identification and keep their transactions confidential. There is a natural tension in the system that the growing community is still struggling with. I have spoken with many who are staunch advocates for their rights of privacy, in some cases even to the extent of being un-trackable by governments, yet show immediate regret and anger at those same entities when they lose money to a fraudster and have no recourse for justice. Still, some accept those risks as table stakes and prefer to remain anonymous. </p><p>Law enforcement is facing great difficulties adapting to digital crimes but is slowly getting better. For cryptocurrency, they work with experts to track transactions in public blockchains and collaborate with major exchanges to identify criminal activities and trace the flow of illicit funds. It is not easy and the growing number of victims makes it impossible to help even a fraction of those defrauded. The focus tends to be on big cases, like the multi-billion-dollar PlusToken Ponzi scam in 2019 where millions of users were told they could earn 10% a month on their investment. Ultimately, the criminals pulled in over $2 billion before it collapsed and the money is now gone. It has been digitally laundered and dispersed among thousands of anonymous accounts.</p><p>Although Chinese authorities were able to identify and apprehend 6 of the individuals behind the scheme, most crimes go unsolved. The chance of restitution for the PlusToken victims is almost non-existent. </p><p>The continued rise of the cryptocurrency market and ease in which to convince victims encourages the greed of fraudsters. Scams are getting more elaborate and convincing. Law enforcement is getting better but must face the evolving challenges of technology. More ‘privacy’ designed currencies are gaining momentum and will pose new hurdles to investigate and prosecute criminals, forcing authorities to continually adapt. In the meanwhile, people will be at risk. So far, using common sense in vetting investments is the best way to avoid cryptocurrency victimization. </p><p><a href="{{#staticFileLink}}8669830065,original{{/staticFileLink}}" target="_blank"></a></p></div>Misunderstanding the Economic Factors of Cybercrimehttps://www.cisoplatform.com/profiles/blogs/misunderstanding-the-economic-factors-of-cybercrime2020-05-30T16:01:17.000Z2020-05-30T16:01:17.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><p><a href="{{#staticFileLink}}8669831274,original{{/staticFileLink}}" target="_blank"><img src="{{#staticFileLink}}8669831274,original{{/staticFileLink}}" class="align-full" alt="8669831274?profile=original" /></a></p><p>A new study by Cambridge Cybercrime Centre titled <em><a href="https://www.cl.cam.ac.uk/~bjc63/Crime_is_boring.pdf">Cybercrime is (often) boring: maintaining the infrastructure of cybercrime economies</a></em> concludes that cybercrime is boring and recommends authorities change their strategy to highlight the tedium in order to dissuade the growth of cybercrime.</p><h2><strong>Warning: Full-blown rant ahead, as I am frustrated with reports such as this </strong></h2><p>Limited focused research, which does not look at the big picture as it evolves, leads readers to poor conclusions that are oversimplified and not couched in reality.</p><p>Do these researchers really think that cybercrime is driven by motivations about it being sexy, a fun work environment, or exciting? This report suggests that if we market cybercrime roles as being tedious, then people will not go down that path. Ha!</p><p>Wake up! The vast majority of cybercrime is motivated by personal financial gain. Period. Additionally, the massive number of new followers of digital crime won’t care about tedium or the opinions of people that live a lifestyle where convenience plays a significant role in how to put food on the table.</p><p>Throughout history organized crime has aligned to a pyramid model where the greatest number of participants are at the bottom, doing grunt jobs. They are poorly compensated, take on more risk, terribly treated, and generally suffer in their daily grind. Most don’t aspire to be there, rather they do it because there are not better options. </p><h2><strong>This report misses the bigger picture!</strong></h2><p>Consider that one million people join the Internet every day. The majority of the next billion that will come online will be from economically struggling regions where people hustle to scratch a living every day. Unemployment is high and there are almost no opportunities to make money. Half the world makes less $10 a day and over 10% live on less than $2 a day. Even a basic job as a mule, social engineer, CAPTCHA reader, ransomware distributor, phishing scammer, etc. will make many of these people more money than they could otherwise. The people in warehouses that support click-farming, earning pennies, aren’t there because they want to be. They simply don’t have many options to earn a wage. They do what is necessary to subsist. Much of the next billion people joining the internet will see connectivity as a doorway for more opportunities to stay afloat. </p><p>Unfortunately, cybercrime will see an explosion over the next few years as people with the greatest needs see the Internet as an opportunity to sustain their family. Some estimates are as high as $6 trillion in overall impact. Cybercrime-as-a-Service is positioned for tremendous growth as it allows for people to join the support base of online criminal groups, without any requirements for hacking skills. The pay is low and the work is grinding, but the rewards may far exceed what is available to them otherwise. It does not matter if law enforcement communicates that such roles are boring for the majority of those joining the bottom ranks.</p><p>Discussions from people, in economically wealthy countries, about tedium is irrelevant and myopic when the greater scale is evaluated. For many millions of people, cybercrime will be an avenue for subsistence. For these people, the economics of survival and scarcity of alternative opportunities will drive decisions. This is the realistic risk we must address. </p><p></p><p></p><p>Interested in more? Follow me on <a href="https://www.linkedin.com/today/author/matthewrosenquist" target="_blank">LinkedIn</a>, <a href="https://medium.com/@matthew.rosenquist" target="_blank">Medium</a>, and <a href="https://twitter.com/Matt_Rosenquist" target="_blank">Twitter (@Matt_Rosenquist)</a> to hear insights, rants, and what is going on in cybersecurity.</p><p>Image by Colin Behrens from Pixabay</p></div>Microsoft's New Tactics Disrupts Trickbot Ransomwarehttps://www.cisoplatform.com/profiles/blogs/microsoft-s-new-tactics-disrupts-trickbot-ransomware2020-10-15T04:35:38.000Z2020-10-15T04:35:38.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><p><iframe width="560" height="315" src="https://www.youtube.com/embed/z4xuIbZRht8?wmode=opaque" frameborder="0" allowfullscreen=""></iframe></p><p style="background:#FFFFFF;margin:0in 0in 7.5pt 0in;"><span style="font-family:Verdana, sans-serif;color:#414141;">Microsoft and partners have taken down the Trickbot ransomware infrastructure. That is a temporary relief, as the cybercriminals will soon adapt. The bigger picture is how the Microsoft Digital Crimes Unit (DCU) has created a template and partnerships to better target and disrupt future malware campaigns!</span></p><p style="background:#FFFFFF;margin:0in 0in 7.5pt 0in;"><span style="font-family:Verdana, sans-serif;color:#414141;"> </span></p><p style="margin:0in;background:#FFFFFF;"><span style="font-family:Verdana, sans-serif;color:#414141;">Subscribe to my new <a href="https://www.youtube.com/channel/UC4hKNPYJVm5MAgkFdGXSc7A" target="_blank"><span style="color:#337ab7;text-decoration:none;">YouTube channel for more Cybersecurity Insights</span></a>, rants, news, and perspectives.</span></p></div>Cyber Threats Enhance Phishing with AI and Worm Functions for Rapid Disruptionhttps://www.cisoplatform.com/profiles/blogs/cyber-threats-enhance-phishing-with-ai-and-worm-functions-for2020-10-20T22:51:12.000Z2020-10-20T22:51:12.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><p><iframe width="560" height="315" src="https://www.youtube.com/embed/NR_QYsAMI-I?wmode=opaque" frameborder="0" allowfullscreen=""></iframe></p><p>New phishing malware leverages Artificial Intelligence and worm functionality to rapidly spread to contacts of victims. By leveraging previously established relationships the malware can bypass technical controls and easily fool new targets into becoming infected. </p><p>This is just another step forward, albeit an interesting and effective tactic, in the ongoing escalation between cyber threats and defenders. Expect more innovation as the partnerships between phishing, AI, and advanced malware becomes stronger to the detriment of everyone.</p><p> </p><p>Subscribe to my new <a href="https://www.youtube.com/channel/UC4hKNPYJVm5MAgkFdGXSc7A">YouTube channel for more Cybersecurity Insights</a>, rants, news, and perspectives.</p></div>Charges Against Russian Nation-State Hackers Sends a Messagehttps://www.cisoplatform.com/profiles/blogs/charges-against-russian-nation-state-hackers-sends-a-message2020-10-22T16:29:40.000Z2020-10-22T16:29:40.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><p><iframe width="560" height="315" src="https://www.youtube.com/embed/gCLoFBJw5jY?wmode=opaque" frameborder="0" allowfullscreen=""></iframe></p><p>The U.S. Department of Justice filed charges against six Russian agents, identified as members of the APT group known as Sandworm. The unsealed documents reveal that the six suspects are all current or have former ties to the Russian foreign intelligence agency, the GRU. The charges outline how this group is supported and coordinated by the Russian government to conduct hacks against people and governments around the world, including taking down the Ukraine power network and unleashing NotPetya malware, one of the most damaging in history.</p><p>It is unlikely these individuals will ever see their day in a western court. Instead, there is a bit of political gamesmanship afoot, with a clear message being sent to the offensive cyber teams connected with the Russian government. </p><p> </p><p>If you like these updates, click the Like button and be sure to subscribe to the <a href="https://www.youtube.com/channel/UC4hKNPYJVm5MAgkFdGXSc7A">Cybersecurity Insights channel</a> for more rants, news, and perspectives.</p></div>Bahamas new digital currency will be the next testbed for innovative cybercrime attackshttps://www.cisoplatform.com/profiles/blogs/bahamas-new-digital-currency-will-be-the-next-testbed-for2020-10-30T18:15:36.000Z2020-10-30T18:15:36.000ZMatthew Rosenquisthttps://www.cisoplatform.com/members/MatthewRosenquist<div><p><iframe width="560" height="315" src="https://www.youtube.com/embed/XgR70bdwzEY?wmode=opaque" frameborder="0" allowfullscreen=""></iframe></p><p>The government’s Central Bank of the Bahamas has released the world’s first Central Bank Digital Currency (CBDC) - the “SAND DOLLAR”.</p><p>This is attracting the interest of cybercriminals as well as security professionals. As national currencies transform into a digital form, criminals will seek ways to steal and abuse monetary systems at a scale never seen before. The stakes are high and this will be the next emerging cybersecurity battlefield.</p><p> </p><p>Subscribe to the <a href="https://www.youtube.com/channel/UC4hKNPYJVm5MAgkFdGXSc7A">Cybersecurity Insights</a> YouTube channel for more perspectives, rants, and news.</p></div>