How Did FBI Recover Colonial Pipeline's DarkSide Bitcoins?

Mathew J. Schwartz • June 11, 2021

Cryptocurrency has a reputation for being tough to trace - no wonder anonymity-craving criminals favor using it. In reality, cryptocurrencies don't make users anonymous. But just how did the FBI recover most of the bitcoins paid by Colonial Pipeline to the DarkSide ransomware operation?

Anti-Money Laundering (AML)

White House Puts Russia on Notice Over JBS Ransomware Hit

Latest

Breach Notification

McDonald's Breach Exposes Korean, Taiwanese Customer Data

Doug Olenick • June 12, 2021

Fast-food giant McDonald's is acknowledging a data breach that affected some customer and company data from its locations in Korea and Taiwan. Phone numbers, delivery and email addresses were exposed. Payment data, however, has not been compromised.

Cybercrime

DOJ Shut Down Slilpp Marketplace for Stolen Credentials

Akshaya Asokan • June 11, 2021

The U.S. Justice Department has shut down the Slilpp cybercrime marketplace, which sold stolen credentials related to bank accounts and other payment mechanisms, in a multinational operation.

3rd Party Risk Management

ISMG Editors' Panel: The FBI's Global Cryptophone Sting

Anna Delaney • June 11, 2021

Criminals tricked into using an FBI-run encrypted messaging app, Verizon's 2021 Breach Investigations Report and overcoming the challenges of recruiting cybersecurity professionals are among the latest cybersecurity topics to be featured for analysis by a panel of Information Security Media Group editors.

Digital Identity

What to Expect as the CISO of a Pharma Company?

Geetha Nandikotkur • June 11, 2021

Being the CISO of a pharma sector means you are accountable for the decisions made, ensure that you make the best use of the funds, resources and skills, and are capable of translating business requirements into cyber solutions, says Agnidipta Sarkar, group CISO at Biocon, as he takes up the new role.

3rd Party Risk Management

Colonial Pipeline Ransomware Fallout: Congress Grills CEO

Anna Delaney • June 11, 2021

The latest edition of the ISMG Security Report features an analysis of lawmakers' grilling of Colonial Pipeline CEO Joseph Blount over his handling of the DarkSide ransomware attack. Also featured: How the FBI helped trick criminals into using an encrypted communications service that it was able to monitor.

Breach Notification

Ransomware Gang Goes Nuclear, Hitting US Weapons Contractor

Mathew J. Schwartz • June 11, 2021

A small U.S. nuclear weapons contractor has confirmed that it suffered a ransomware attack, resulting in the theft of data. Credit for the attack has been taken by the ransomware-as-a-service operation known as REvil, aka Sodinokibi, which the FBI recently tied to the attack against meatpacking giant JBS.

Fraud Management & Cybercrime

RSA Spins Off Fraud and Risk Business

Doug Olenick • June 10, 2021

RSA Security LLC has spun off its fraud and risk intelligence business into a stand-alone company named Outseer. The new company will be led by Reed Taussig as CEO, and it will serve a worldwide customer and partner community.

Cybercrime

Botnet Data Leak: 26 Million Passwords Exposed

Jeremy Kirk • June 10, 2021

Some 26 million passwords were exposed in a 1.2 terabyte batch of data found by NordLocker, a security company. It's workaday botnet data, but it highlights a hostile malware landscape, particularly for people still inclined to download pirated software.

Application Security

Microsoft Patches 6 Vulnerabilities Currently Under Attack

Doug Olenick • June 9, 2021

Microsoft's June Patch Tuesday contained patches for six zero-day vulnerabilities being exploited in the wild, including two flaws detected by Kaspersky that were being exploited by a new threat group named PuzzleMaker.

Application Security

Not So Fastly: Global Outage Highlights Cloud Challenges

Mathew J. Schwartz • June 9, 2021

Content delivery network Fastly says its global outage on Tuesday was caused by an unanticipated software bug, which it has now patched. IT experts caution that content delivery networks and other cloud services can become single points of failure if they go down, unless users have resiliency plans.

Critical Infrastructure Security

Colonial CEO at Senate Hearing Details Ransomware Attack

Doug Olenick • June 8, 2021

Colonial Pipeline Co. CEO Joseph Blount defended his actions during the opening hours of the May 7 DarkSide ransomware attack against his company as several lawmakers on the Senate Homeland Security and Governmental Affairs Committee grilled the executive for over two hours on Tuesday.

Leadership & Executive Communication

Profiles in Leadership: Stephenie Southard, CISO, BCU

Tom Field • June 8, 2021

A lot of CISOs talk about having security "baked into" their products and solutions. But for Stephenie Southard, vice president and and CISO at BCU, security leadership is all about ensuring that cybersecurity is part of the enterprise's very fabric.