InfoSecBulletin Cybersecurity for mankind
New guidance on ransomware, released during this week’s International Counter Ransomware Initiative (CRI) meeting, encourages victims to report attacks to law enforcement promptly and to consult more advisors before deciding to pay a ransom.
Cybersecurity experts from about 70 countries are gathering at the White House this week for the fourth International Counter Ransomware Initiative meeting. This annual event, initiated in 2021, aims to tackle recent ransomware attacks and develop new mitigation strategies.
Anthropic’s Mythos reportedly broke NSA classified systems in hours
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
CISA: Splunk flaw under active exploit, patch by Sunday
Texas data breach exposes 3 million driver’s licenses
Critical Cisco ISE Vulnerability Enables Remote Code Execution
The UK and Singapore governments released voluntary guidance to help victims of ransomware attacks respond effectively and reduce the impact.
Victims are urged to report attacks and ransom demands to law enforcement and cyber insurance providers. While paying ransoms is not recommended, if victims choose to do so, they should ensure it could positively impact the situation and meets local regulations.
“External experts such as insurers, national technical authorities, law enforcement or cyber incident response companies familiar with ransomware incidents can improve the quality of decision-making,” according to the new guidance. Officials also pointed out that paying the ransom does “not guarantee access to your devices or data.”
Ransomware victims should document their incident response, decisions for mitigating the attack, and any collected data for future reviews. They must also be aware of the regulatory penalties for data breaches.
“Overall, the advice feels complete and aligned,” said Casey Ellis, founder and chief strategy officer at Bugcrowd. “The only change I would consider would be to move the record-your-decision-making to the top of the list. Dealing with these types of incidents can very easily and quickly create a fog-of-war effect inside a ransomed organization.”
Participants at the event worked on various initiatives, such as finalizing a project on secure software and labeling principles by the U.K. and U.S. governments. They also announced the launch of an information-sharing member portal by Australia and a new U.S. government fund to enhance members’ cybersecurity capabilities.
The updated guidance was released following a joint effort by the U.S., U.K., and European governments to arrest and indict members of the Russian cybercriminal underground, including targets like LockBit and Evil Corp.
The U.K. NCSC and the White House did not immediately respond to requests for comments from Information Security Media Group.
