Talking Down Ransomware: Negotiations with a Growing Number of Cyberattacker Groups
As ransomware attacks continue to plague organizations, Mark Lance, VP of digital forensics and incident response at GuidePoint Security, confronts an ever-expanding roster of threat groups. With their numbers swelling from 45 to 71 just since last year, Lance and his team manage a delicate balancing act, engaging with these groups through dark-web sites to negotiate terms, all while keeping the safety and security of sensitive information at the forefront. The motivation behind the ransomware attacks remains a critical component in guiding the negotiation process, acknowledging that each group presents its unique challenges and goals.
Cyberattackers’ Surprising Move: Patching to Keep Exclusive Access
In an unusual turn, Red Canary, a cybersecurity firm, has reported that cyberattackers are now patching the very vulnerabilities they exploit. This unexpected strategy is part of a sophisticated approach to maintain their unauthorized access by preventing detection from vulnerability scanners and making it more challenging for defenses to spot their presence. The attackers are not aiming for goodwill but rather securing a form of exclusive backdoor access that might leave organizations even more vulnerable to covert operations.
AI’s Coding Timebomb: Speed vs. Security
Artificial Intelligence (AI) is transforming the landscape of software development, but at what cost? According to Apiiro, a security platform, AI coding assistants could be setting a timebomb in software security. Their research points out that although AI assistance boosts developer efficiency, leading to more commits in code repositories, there is a noticeable drop in push requests—a critical aspect of the review process. This raises concerns about the potential for oversights and insufficient security scrutiny, pushing the debate between the need for speed in development and the imperative of maintaining robust security measures.
