Cryptowall brought in close to $100 million before it was shut down this year.
CryptXXX gathered in $73 million during the second half of 2016, and Cerber took in $54 million, the expert said. Smaller ransomware families brought in another $150 million, and the FBI has reported $209 million in ransomware payments during the first three months of 2016.
In addition to this $800 million or so in known payments, there are many other Bitcoin wallets that are unknown to researchers and uncounted, pushing the estimated total to $1 billion for all of 2016. “The $1 billion number isn’t at all unreasonable and might even be low,” confirmed Mark Nunnikhoven, vice president of cloud research at Trend Micro. “It’s getting difficult to track the amount of money flowing into criminals’ Bitcoin wallets because they’ve started to try and hide the transactions across a large number of wallets,” he added. He said that there was a 400 percent increase in ransomware variants last year, and he expects to see a 25 percent growth in ransomware families in 2016. “What we’re seeing is a bit of a maturation in how to execute these attacks, so we’re expecting a leveling off to a more realistic growth curve,” he said. But criminals will continue innovating because of how profitable ransomware is. “I don’t think we’ll see the 100 percent growth that we saw from 2015 to 2016,” said Allan Liska, intelligence analyst at Recorded Future. “I think we’ll probably see a 50 percent growth.” The markets for stolen medical records, credit card numbers and email addresses are collapsing, he said. “Not only is it taking a while to get paid, but they’re not getting paid as much as they used to,” he said. Meanwhile, ransomware is an easy business to get into, the payout is immediate, and it offers an ongoing revenue stream. “There’s no incentive for them to discontinue ransomware,” he said. Some experts expect growth to be even higher. Successful ransomware attacks will double this year, predicted Tom Bain, vice president at CounterTack. “The reality is that every single customer I speak to, anyone in the industry really, this is their number one concern,” he said. Better defensive technology and collaboration will help, he said, but the problem is going to get worse before it starts to get better. Gartner analysts estimate that there were between 2 million and 3 million successful ransomware attacks in 2016, and that the frequency will double year over year through 2019. “I think they’re right,” said Bain. But not all experts think the future is quite that bleak. Raj Samani, vice president and CTO at Intel Security, predicts that anti-ransomware efforts will begin to pay off in the next few months. “We’ll see a spike earlier on this year, but then I anticipate our efforts with law enforcement to be successful,” he said. Intel, along with Kaspersky Labs, Europol, and the Dutch National High Tech Crime Unit formed an alliance this past summer, No More Ransom.
Since then, more than a dozen other law enforcement agencies have joined up, including Bosnia and Herzegovina, Bulgaria, Colombia, France, Hungary, Ireland, Italy, Latvia, Lithuania, Portugal, Spain, Switzerland, and the United Kingdom.
Several other security vendors have also joined up. “Now that we’ve got more law enforcement agencies on board, and more private sector firms, we expect to see an increase in successful take-down operations,” said Samani. In addition to working together to bring down ransomware operations, the group also distributes free anti-ransomware tools. That, combined with more user awareness about phishing and better detection technologies, will combine to stop the growth of this attack vector, Samani said. “As an industry, we’ve started to develop new products, sandboxing, threat intelligence exchanges,” he said. “It is getting better.” However, he warned that malware authors do have one significant advantage. “There’s an asymmetry of information,” he said. “They have tools and services that will allow them to run their malware through all the anti-virus engines out there.
They can install our products and they know how our products work because we openly talk about them.
This is one of the big security challenges.” This story, "Security expert: Ransomware took in $1 billion in 2016" was originally published by CSO.
The suspect, Sean Sharma, was arrested on Dec. 9 for purchasing a DDoS tool used to mount the attack, the FBI stated in a release.Since last week, the FBI’s International Cyber Crime Coordination Cell, or IC4, and other law enforcement agencies—including Europol and the U.K.’s National Crime Agency—have arrested 34 suspects and conducted interviews with 101 individuals.“DDoS tools are among the many specialized cyber-crime services available for hire that may be used by professional criminals and novices alike,” Steve Kelly, FBI unit chief of IC4, said in the agency’s statement. “While the FBI is working with our international partners to apprehend and prosecute sophisticated cyber-criminals, we also want to deter the young from starting down this path.” DDoS-for-hire services have increased in use to account for 93 percent of all distributed denial-of-service attacks, according to Incapsula, a DoS mitigation service owned by Imperva. Neustar, a real-time cloud-based information and analysis provider, confirmed that booters and stressors have grown significantly over the past four years. "A pretty large portion of the DDoSes we have seen are the fault of the stressors and booters,” Rodney Joffe, senior vice president and fellow at Neustar, told eWEEK. “And it has been a problem for 4 years.”The worldwide law enforcement action aims to carry a message to young offenders that what may seem to them as innocuous cyber-pranks are actually serious crimes that carry hefty legal penalties, the law enforcement groups said.The people arrested are suspected of paying for DDoS services to launch floods of data against websites and online services—often gaming platforms.“Today’s generation is closer to technology than ever before, with the potential of exacerbating the threat of cyber-crime,” Steve Wilson, head of the European Cyber Crime Centre (EC3), said in a statement. “Many IT enthusiasts get involved in seemingly low-level fringe cyber-crime activities from a young age, unaware of the consequences that such crimes carry.”Yet, Neustar’s Joffe doubted that the arrests will make much of an impact.“There are millions of kids who play games, and they don’t think this is illegal,” he said. “Or they understand that this is illegal, but they don’t think they are going to get caught.”Law enforcement agencies carried out actions in Australia, Belgium, France, Hungary, Lithuania, the Netherlands, Norway, Portugal, Romania, Spain, Sweden, the United Kingdom, and the U.S.
The law enforcement organizations underscored that fighting the cyber-crimes require a collaborative effort.“No law enforcement agency or country can defeat cyber-crime alone,” the FBI said in its statement. “This demands a collective global approach.”
Lisbon, PORTUGAL - 9 November 2016: People must feel safe and secure with the Internet of Things before it can reach its full potential - and there are a lot of things that still need to be addressed, Greenwave Systems’ chief scientist and technology evangelist Jim Hunter warned today.
Speaking at Web Summit, Hunter said security is the single biggest hurdle when it comes to monetizing the Internet of Things (IoT), particularly in the wake of incidents like last month’s Mirai DDoS attacks.
Jim Hunter, Greenwave Systems' chief scientist and technology evangelist
Calling on his extensive experience in connected technology and his recent efforts as co-chair of the IoT Consortium committee on privacy and security, Hunter called for a fundamental consensus within the industry on security standards.
“When you’re looking at how to monetize, you should find the value in what makes people tick - consumers want to be safe, secure and have their basic needs met,” said Hunter. “From that perspective, the value is in shoring up the bottom line and the smart home has its roots in security for that very reason.”
Hunter - who took part in a panel titled “Are Smart Homes Overhyped and Risky?” at Web Summit today - went on to say that the IoT must meet basic security standards and safeguard consumer trust to continue to grow.
“Once those basics are met, people will want to create and connect,” he said. “If you look at social media, Facebook wouldn’t have been successful in the early days of the Internet if people didn’t feel safe and secure.
That’s what we as an industry have to do with the IoT.
There are a lot of aspects that need to improve before we can move on to next level.”
According to Hunter, while the size of the IoT is unprecedented, the concepts behind it are nothing new.
“The Internet has been about ‘things’ the whole time - be it a computer, a mobile phone or a smart device - so you have to look at how we have monetised the Internet so far and provided value to the consumer,” he continued. “The PC industry, for example, didn’t fully take off until software enabled people to be more creative, productive and better connected.
The mobile industry was the same - there were a lot of walled gardens until Apple created the App Store.
“We went from millions of opportunities with the PC industry to billions of opportunities with mobile, and from complicated, large-scale applications to smaller, more digestible solutions.
The Internet of Things is a continuation of that, but with trillions of devices.”
About Jim Hunter
As the Chief Scientist and Technology Evangelist at Greenwave Systems, Hunter is responsible for overseeing the technology, architecture and innovation of Greenwave Systems’ award-winning AXON Platform®. He is a highly regarded technologist with multiple patents and is a well-respected thought leader, author and speaker, propelling the world toward a smart, connected future.
Connect with Hunter at @theiotguru or @GreenwaveSys.
About Greenwave Systems
Greenwave Systems is a global Internet of Things (IoT) software and services company dedicated to empowering market-leading brands to profitably deploy their own managed services and products, foster deeper customer relationships and grow their businesses. Mobile carriers, telecommunications operators, semiconductor manufacturers, utilities and all manner of service providers use the Greenwave AXON Platform to safely integrate data and communications from a variety of existing and emerging digital protocols and swiftly create vanguard IoT and M2M services via managed networks with real-time analytics. Learn more about Greenwave at www.greenwavesystems.com.
Connect with us on LinkedIn here and follow us on Twitter at @GreenwaveSys.
©2016 Greenwave Systems, Inc.
Greenwave Systems and AXON Platform are trademarks and/or registered trademark of Greenwave Systems, Inc. Other brand names may be trademarks of their respective owner(s).
Information is subject to change without notice.
All rights reserved.
For further information, contact:
PR Contact - UK
+44 1636 812152
Greenwave Systems - Europe
Tel: +45 6913 2333
Media Relations - US
In Europe this has driven fraud away from point of sales terminals thanks to deployment of chip-and-PIN, to online card-not-present transactions. They flocked to Russia to get a piece of its rapid adoption of online payments between 2010 and 2015 which amounted to a 500 percent increase in "total card payment value", according to Euromonitor. Fraud went up some 130 percent over that time. America's reliance on magnetic stripe data has left it a ripe harvest for fraud.
Slow chip-and-PIN deployments will help stem the flow in coming years. Australia by contrast is one of the world's toughest places to commit fraud thanks to its widespread adoption of the most modern and secure payment methods available such as Android and Apple pay, and contactless card payments. ® Sponsored: Global DDoS threat landscape report
Accolades were presented to KPMG, Mindgrape, Grupo SIA and Softline Group during Flexera Software’s annual Partner Summits in Big Sky Montana for North America, and the French Alps for Europe, the Middle East and Africa (EMEA).Flexera Software’s solutions are sold, supported, serviced and enhanced by a global network of channel, consulting/service and technology partners.
These companies deliver value-added capabilities for Application Readiness, Software License Optimisation, Software Vulnerability Management, Software Monetisation and Installation business challenges.
The Partner Summits allow Flexera Software’s alliance partners to meet face-to-face and discuss important product updates and overall enterprise strategy for the upcoming year, as well as recognise strategic partners that routinely go above-and-beyond to help make customers successful. “Sincere congratulations to Flexera Software’s 2015 Partners of the Year,” said Tim Boudreau, Global Vice President of Strategic Alliances at Flexera Software. “Their unparalleled excellence, tireless dedication and quality service have played a vital role as they work with us to solve our mutual customers’ licensing, compliance, security and installation challenges.” Award Winners KPMG LLP, the U.S. audit, tax and advisory firm, received the North American Implementation Partner of the Year award for the second year in a row for excellence in delivering enterprise-wide implementation projects and programmes Mindgrape, a value-added supplier of software, IT consultancy services and training within IT infrastructure, was recognised as the EMEA Top Channel Partner for value-added distribution Grupo SIA, dedicated to providing solutions and services in corporate computing, was bestowed the EMEA Top Alliances Newcomer honour for identifying, addressing and solving customer license management challenges across the lifecycle – from building a business case to local language technical support, including implementing Flexera Software’s Software License Optimisation solutions Softline Group, an international IT-consulting company focusing on Software Asset Management (SAM), IT-security, IT-infrastructure consulting and managed services, was given EMEA Top Alliances Implementation Partner accolades the third year in a row for implementing and maintaining Flexera Software’s Software License Optimisation solutions for a high number of successful customer projects in Europe “We're honoured Flexera Software has named us as their North American Implementation Partner of the Year for the second year in a row," said Paul Baguley, Principal, KPMG's Contract Compliance Services. "Through our alliance, we’re working hand-in-hand to help clients effectively manage their software license estate, optimise spend and reduce license compliance risk, and we look forward to building on our success in the market.” “Mindgrape is honoured to receive Flexera Software’s Top Channel Partner award,” said Mikael Karlsson, CEO at Mindgrape. “Teaming together, our product portfolio provides toolkits which enable end-user applications, and provide solutions — from technology introduction to phase-out — leveraging the latest industry best practices.” “Grupo SIA appreciates Flexera Software acknowledging us as their Top Alliances Newcomer,” said Ruben Morales Linares, Director of Infrastructure Services at Grupo SIA. “Our close collaboration is fundamental to customer enablement, allowing us to join forces to deliver successful eTrainings, bootcamps and other joint customer events.” “Softline Group is very excited that Flexera Software has recognised us as Top Alliances Implementation Partner the third year in a row,” said Martin Schaletzky, CEO at Softline Group. “Our relationship lets us combine the expertise and innovative technologies our customers need for a number of extremely successful SAM implementations, and we look forward to driving expansion of the entire ecosystem for years to come.” # # # Resources: Follow Flexera Software… About KPMG LLPKPMG LLP, the audit, tax and advisory firm (www.kpmg.com/us), is the U.S. member firm of KPMG International Cooperative (“KPMG International”). KPMG International’s member firms have 174,000 professionals, including more than 9,000 partners, in 155 countries. About MindgrapeMindgrape offers software licenses, authorised training and consultancy services within application delivery and deployment. Quality and trust are our watchwords when we deliver customer adapted solutions to enterprises, organisations and public authorities. About Grupo SIAGrupo SIA is an international company of Spanish origin, founded in 1989, dedicated to providing solutions and services in corporate computing. Our value is based on specialisation and the culture of dedication to our customers.
SIA has more than 600 professionals and offices in Spain (Madrid, Barcelona, A Coruña) and Portugal (Lisbon, Oporto). About Softline GroupSoftline Group is an established IT service provider that shows a continuous growth through the establishment of international branches focused on IT-Asset Management, IT-consulting and IT-support.
The Softline Group operates throughout the whole of Europe and has its head office in Leipzig.
The group consists of Softline AG, which acts as the holding company, and its subsidiaries Softline Solutions GmbH, Softline Solutions Netherlands B.V., Softline Solutions N.V., Softline Solutions France, Softline Solutions UK as well as Prometheus GmbH and its subsidiary XPERTLINK GmbH.
The Softline Group is a financially stable company that enjoys continuous growth.
It has developed into a recognised service provider in the information and communication technology (ICT) sector.
Softline AG was founded in 1983 and has been a listed company since February 2000.
For more information, please visit www.softline-group.com. About Flexera SoftwareFlexera Software helps application producers and enterprises increase application usage and the value they derive from their software. Our next-generation software licensing, compliance, security and installation solutions are essential to ensure continuous licensing compliance, optimised software investments and to future-proof businesses against the risks and costs of constantly changing technology. Over 80,000 customers turn to Flexera Software as a trusted and neutral source for the knowledge and expertise we have gained as the marketplace leader for over 25 years and for the automation and intelligence designed into our products.
For more information, please go to: www.flexerasoftware.com. For more information, contact:Vidushi Patel/ Nicola MalesVanilla PRprflexera@vanillapr.co.uk+44 7958474632 / +447976652491 Copyright 2016 Flexera Software LLC.
All other brand and product names mentioned herein may be the trademarks and registered trademarks of their respective owners.
In fact, the Allot report stated that 40 percent of sports fans were at risk during UEFA 2016 event.
Sulkes said his firm found users were engaging in two particularly risky behaviors: sports betting and social media activity. According to Allot's MobileTrends report, gambling was found to be a risky category, with 77 percent potential risk for users, meaning 77 percent of transactions scanned by the Allot filter were found to have online threats, he said."It means that a mobile sports fan accessing a sports betting category is likely to become a victim of online threats," Sulkes said.Allot worked with security vendor Kaspersky Lab on the report, which combines Allot's service delivery and telecom analytics expertise with Kaspersky Lab's security expertise to provide insights into the growing trend of online threats, according to Sulkes. He added that Kaspersky is Allot's technology partner for online threat detection, as Kaspersky's anti-malware engine is embedded into Allot's network-based Web security solution.While Allot found an increase in risky user behavior, according to Kaspersky no unique UEFA-specific malware infected users."The report focused on the risks for digitally active sports fans during the 2016 UEFA European Championship and provided insights into how major events impact online behaviors and increase the potential for mobile Internet users to fall victim to cyber-threats such as malware infection, phishing and ransomware," a Kaspersky spokesperson told eWEEK. "We do not have any evidence that fans were infected with UEFA-specific malware."That said, Kaspersky did report in April that hackers were making use of UEFA themes and titles in different spam and phishing campaigns."During the UEFA 2016 event numerous incidents were observed, ranging from malicious links posted on Facebook, spam emails leading to phishing sites [and] the download of malware-infected fake FIFA apps to online euro-themed fake sites," Sulkes said.The UEFA event might be over, but attackers will have a similar opportunity this summer to exploit casual sports fans: the Rio Olympics.
Sulkes says sports fans should be aware of online threats and be careful when downloading files or clicking on links."To be safe online, sports fans need comprehensive Web security protection on any device, including anti-malware, anti-phishing, anti-spam and ad-blocking, due to malicious ads," he said.Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com.
Follow him on Twitter @TechJournalist.
This release also includes additional improvements and bug fixes. • Adds support for pairing multiple Apple Watches to one iPhone • Adds Nearby in Maps to browse for places around you by category, including Food, Shopping, and more • Adds support for system language in Catalan, Croatian, Slovak, Romanian, and Ukrainian • Adds support for dictation in Catalan, Croatian, Slovak, Romanian, Ukrainian, and English (Saudi Arabia, UAE, and Indonesia) • Adds support for Siri in Malay, Finnish, and Hebrew • Increases frequency of background heart rate measurements when you are stationary For information on the security content of this update, please visit this website: http://support.apple.com/kb/HT1222 watchOS 2.1 This update includes new language support and bug fixes. Adds support for system language in Arabic, Czech, Greek, Hebrew, Hungarian, Malay, Portuguese (Portugal), and Vietnamese Adds support for Right-to-Left user interface Adds ability to switch between Latin and Hindi numerals for Arabic Adds a new complication for Islamic and Hebrew Calendars Adds support for Siri and dictation in Arabic (Saudi Arabia, United Arab Emirates) Adds support for dictation in English (Malaysia), Czech, Greek, Hebrew, Hungarian, Portuguese (Portugal), and Vietnamese Resolves an issue that could prevent events from updating in the Calendar complication Fixes an issue that could prevent the time from displaying in Power Reserve mode Addresses issues that could prevent third party apps from launching Fixes an issue that could prevent third-party app icons from displaying correctly Fixes an issue that could cause instability when changing the system language For information on the security content of this update, please visit this website: watchOS 2.0.1 This update contains new emoji characters, performance improvements, and bug fixes, including: Fixes an issue that could cause software updates to stall Fixes issues that were impacting battery performance Resolves an issue that prevented a managed iPhone from syncing iOS Calendar events to Apple Watch Addresses an issue that could prevent location information from properly updating Fixes an issue that could cause Digital Touch to send from an email address instead of a phone number Addresses an issue that could cause instability when using a Live Photo as a watch face Resolves an issue that allows the sensors to stay on indefinitely when using Siri to measure heart rate For information on the security content of this update, please visit this website: watchOS 2.0 This update contains new features and capabilities for users and developers, including the following: New watch faces and timekeeping features Time-lapse videos of Hong Kong, London, Mack Lake, New York, Shanghai, and Paris Photo and Photo Album so you can see your favorite images every time you raise your wrist, including support for Live Photos Time Travel with the Digital Crown to see what’s coming in the future or what’s happened in the past Nightstand Mode so your Watch can be used as a bedside alarm clock 9 new colors to customize your watch face, and a new multicolor Modular face Support for third-party apps to create complications Siri improvements Start a specific workout, get transit directions, or ask to see a glance Support for FaceTime audio calling and replying to email Support for HomeKit to control supported devices in your home using Siri New support for Austria, Belgium (French and Dutch), and Norway Activity and Workout improvements Workouts from third party apps on the Watch can be included in your Activity rings Activity rings, workouts, and achievements can be shared from the Activity app on iPhone Interactive achievements On-demand weekly summary Mute Activity notifications for one day Workouts saved automatically Apple Pay and Wallet improvements Support for Discover cards Support for rewards cards and store credit and debit cards Add passes to Wallet directly from third party apps on your Watch Friends and Digital Touch improvements Add more than 12 Friends directly from Apple Watch Multiple Friends’ groups that you can name Send sketches using multiple colors New options for animated emoji Maps improvements Transit view, showing transit lines, stations and intermodal connections in select major cities View the list of directions for your current route View station placards with departure information Music improvements New Beats 1 button to start playing the 24/7 radio station New Quick Play button to play a variety of songs from Apple Music Reply to emails using dictation, emoji, or smart replies customized specifically for email Make and receive calls using FaceTime audio Support for Wi-Fi calling without iPhone in proximity on participating carriers Activation Lock prevents anyone from activating your Apple Watch without your Apple ID and password New developer capabilities including Native SDK to build faster and more powerful apps running natively on Apple Watch Access to accelerometer to more granularly track your motion Access to heart rate sensor for use during a workout Access to microphone and speaker to record and play audio Access to the Taptic Engine with 8 different types of Haptic feedback Access to the Digital Crown for more precise controls Ability to play video directly on Apple Watch Support for running apps without iPhone in proximity, including access to networking capabilities when connected to known Wi-Fi networks Complications on the watch face Workouts from apps can be counted towards Activity rings Workouts from apps can be included in Activity app on iPhone New support for system language in English (India), Finnish, Indonesian, Norwegian, and Polish New support for dictation in Dutch (Belgium), English (Ireland, Philippines, South Africa), French (Belgium), German (Austria), Spanish (Chile, Colombia) New support for smart replies in Traditional Chinese (Hong Kong, Taiwan), Danish, Dutch, English (New Zealand, Singapore), Japanese, Korean, Swedish, Thai Some features may not be available for all countries or all areas.For information on the security content of this update, please visit this website:http://support.apple.com/kb/HT1222