BitDepthFeatured

Ransomware report reveals Caricom-wide attacks

By
3 Mins read
1464
Share

Above: Illustration by swevil/123RF.com

BitDepth#1448 for March 04, 2024

The Ransomware Roundhouse, a report on the state of ransomware in 2023 was launched last week with a webinar discussing the findings and their implications.

The authors, Alex Samm of Tier 10 Technology and Shiva Parasram of the Computer Forensics and Security Institute, acknowledge that their findings are incomplete, based as they are on announcements by ransomware collectives of successful exfiltrations of company data from businesses.

The report lists 32 known breaches among Caricom nations. TT is second in a tie with the Dominican Republic with four known breaches and behind Dominica and Puerto Rico who led with six known breaches each.

The Caricom nations confirmed to have been hit by successful ransomware breaches were Antigua and Barbuda, The Bahamas, Barbados, Belize, Dominica, Grenada, Guyana, Haiti, Jamaica and Trinidad and Tobago.

Among the affected entities are insurance companies, logistics and supply businesses, retail and medical companies and a higher education institution.

The report redacts specific details about the companies or institutions affected, but lists the ransomware collectives responsible for the 2023 attacks.

The 8Base, Lockbit3, RansomEXX, Royal and Hive ransomware groups targeted TT and only Royal is currently listed as inactive.

These are all international criminal businesses, the authors warn, who do not discriminate based on company size, business sector or location.

“In 2023 we learned that no one was safe in the Caribbean region,” Parasram and Samm write.

“The sector, size of the organisation, technologies implemented, impact on the global stage, geo-political affiliations or even the GDP were of no matter. Threat actors were interested only in profits and chose their targets based on who was likely to suffer great losses (or fines where applicable), should they refuse to pay them.”

The authors also expressed concern that the list of 32 regional breaches is probably inaccurate, since it does not list ransomware attacks that ended in payment of the routinely exorbitant demands.

Groups such as LockBit3 list over 1,000 victims on their official dark web leak site for 2023, indicating that ransomware groups have become far more aggressive than seen in previous years and companies and organisations alike are in fact paying the ransoms.”

That conjecture is supported by the increase in ransoms paid in 2023, usually in some form of cryptocurrency.

“According to researchers at Chainalysis.com, the amount paid in ransoms for 2023 amounted to a staggering US$1.1 billion. This figure is almost double the amount paid in 2022 which totalled US$560 million.”

It’s notable that the breaches reported in Trinidad and Tobago were largely found on the dark web after ransoms were not paid and stolen data was released to the public.

The local fuzziness around ransomware is only made worse by the national disinclination to be open about these incidents.

In January, Minister of National Security Fitzgerald Hinds told a workshop hosted by his ministry, Caricom IMPACS and the EU that between 2019 and 2023, the TT Cyber Security Incident Response Team had recorded 205 successful cyberattacks with 52 of them occurring in 2023 alone.

There was no clarity about what the TTCSIRT logged as a successful cyberattack.
Were these attacks that were successful at penetrating a company’s digital security measures?

Were they cybersecurity attacks resulting in the infection of a secured computer system? Attacks that resulted in a data breach of sensitive data?

Attacks that breached secured systems, infiltrated them and suffered exfiltrated data and subsequent ransomware demands?

I ask this, because TechNewsTT, like many websites, is under almost continuous daily probing by dictionary password attacks, code injection intrusions and DDOS attempts.

Once a week, I need to specifically block an IP address for sustained and unrelenting efforts (200 or more attempts in less than an hour) to breach the website’s security systems.

Every attack is unnerving, but there is a steadily escalating scale of severity that this country is not capable – even in the face of widespread public concern – of assessing and tabulating in any meaningful way.

The TTCSIRT generally does not respond to requests for information from this columnist and when a response is given, its brevity approaches haiku.

It’s possible that the TTCSIRT is only reflecting what it is given, which is precious little from companies affected by cyberattacks.

Ransomware groups are unconstrained by geography, bureaucracy and certainly not by pride. They are also largely unconcerned about law enforcement.

Within days of a collective effort by international law enforcement agencies to shut down the darkweb presence of LockBit3, the ransomware group was back at a new onionsite link and posting fresh data, including a dump it alleged was exfiltrated from the FBI.

Local victims have overwhelmingly chosen to be respond to these incidents with a digital omerta until confronted with undeniable evidence of the breaches.

That’s a nonstop ride to where we are now. Nowhere.

Reaching the youth media audience

Reaching the youth media audience

By Mark Lyndersay  /  April 22, 2024
Credibility has become personal. Who is delivering the news and what is understood about them is becoming as important as the journalism itself
Read More
Next-gen news consumers. What do they want?

Next-gen news consumers. What do they want?

By Mark Lyndersay  /  April 15, 2024
It's no longer simply enough to keep producing the same news menu for an aging demographic and milking that diminishing audience.
Read More
Let’s talk backup. Again

Let’s talk backup. Again

By Mark Lyndersay  /  April 8, 2024
Computers have a functional life of around five years, and most media will last roughly that long before either becoming more prone to failure or simply running out of room.
Read More
The United States vs Apple

The United States vs Apple

By Mark Lyndersay  /  April 1, 2024
Apple's services, including AppleTV, Apple Music and Apple Pay, account for 22 per cent of the company's revenue and it's drawing the lion's share of the concern articulated in the...
Read More
The state of Trinidad newsrooms

The state of Trinidad newsrooms

By Mark Lyndersay  /  March 25, 2024
"In a developing country like Trinidad and Tobago where there are no specifications for a tertiary education to be a journalist."
Read More
Reggie’s gone. What we lost

Reggie’s gone. What we lost

By Mark Lyndersay  /  March 18, 2024
The public service he retired from had drifted far from even those post-Colonial dreams
Read More
The Meta fail: Why you should be a digital homeowner

The Meta fail: Why you should be a digital homeowner

By Mark Lyndersay  /  March 11, 2024
Facebook has not explained how its services, used by an estimated three billion people around the world, stopped working.
Read More
Ransomware report reveals Caricom-wide attacks

Ransomware report reveals Caricom-wide attacks

By Mark Lyndersay  /  March 4, 2024
The Lockbit3, 8Base, RansomEXX, Royal and Hive ransomware groups are all international criminal businesses who do not discriminate based on company size, business sector or location.
Read More
Carnival: ritual, tradition and events

Carnival: ritual, tradition and events

By Mark Lyndersay  /  February 26, 2024
Carnival needs is a serious rethinking of its entrenched competition economy.
Read More
Professional perspectives on new cybercrime laws

Professional perspectives on new cybercrime laws

By Mark Lyndersay  /  February 19, 2024
The Digital Transformation Plan still isn't published. The consultation hasn't put a green paper out yet.
Read More
The issues arising from new cybercrime laws

The issues arising from new cybercrime laws

By Mark Lyndersay  /  February 12, 2024
Proper reporting of breach incidents is paramount to balance the needs of all stakeholders, including customers, regulators, and shareholders."
Read More
Samsung introduces new S24 smartphones

Samsung introduces new S24 smartphones

By Mark Lyndersay  /  February 5, 2024
A new ProVisual engine that purports to improve photos using artificial intelligence, including AI powered image editing makes image falsification easier.
Read More
How Denis O’Brien lost control of Digicel

How Denis O’Brien lost control of Digicel

By Mark Lyndersay  /  January 29, 2024
O'Brien had extracted millions from the company as dividends on his shareholding, which Moody's described as "debt-funded shareholder payouts,"
Read More
The end of the trolley bag: How the Judiciary made the Criminal Court digital

The end of the trolley bag: How the Judiciary made the Criminal Court digital

By Mark Lyndersay  /  January 22, 2024
All case participants, attorneys, judge, master or their support staff, would be able to upload their evidence, their depositions, their statements, their documents.
Read More
The Judiciary’s big digital transformation

The Judiciary’s big digital transformation

By Mark Lyndersay  /  January 15, 2024
Between 2020, and 2023 the pace accelerated further with the introduction of electronic document filing, the establishment of CourtMail the introduction of digital stamps and signatures, and a new case...
Read More
There will be blood

There will be blood

By Mark Lyndersay  /  January 8, 2024
The sharpness of a safety razor's blade ensures a nick or two until you get used to handling them.
Read More
The razor’s edge – Tools for shaving

The razor’s edge – Tools for shaving

By Mark Lyndersay  /  January 1, 2024
Canned shaving creams are a terrible and cruel joke and you’re better off building a lather with a neutral soap like Pears or Neutrogena.
Read More
My favorite things: iOS apps

My favorite things: iOS apps

By Mark Lyndersay  /  December 25, 2023
Software admitted to the iOS app store must abide by Apple's strict guidelines on what software can and cannot do on their mobile platform.
Read More
My favorite things: Android apps

My favorite things: Android apps

By Mark Lyndersay  /  December 18, 2023
My favorite optional apps that you can add to your Android device that will give it character while serving you.
Read More
Which smartwatch: Apple or Galaxy?

Which smartwatch: Apple or Galaxy?

By Mark Lyndersay  /  December 11, 2023
Apple's gallery of watch-faces is anaemic compared to what you can get for a Wear OS based Galaxy smartwatch.
Read More
Reaching the youth media audience Reaching the youth media audience April 22, 2024
Next-gen news consumers. What do they want? Next-gen news consumers. What do they... April 15, 2024
Let’s talk backup. Again Let’s talk backup. Again April 8, 2024
The United States vs Apple The United States vs Apple April 1, 2024
The state of Trinidad newsrooms The state of Trinidad newsrooms March 25, 2024
Reggie’s gone. What we lost Reggie’s gone. What we lost March 18, 2024
The Meta fail: Why you should be a digital homeowner The Meta fail: Why you should... March 11, 2024
Ransomware report reveals Caricom-wide attacks Ransomware report reveals Caricom-wide attacks March 4, 2024
Carnival: ritual, tradition and events Carnival: ritual, tradition and events February 26, 2024
Professional perspectives on new cybercrime laws Professional perspectives on new cybercrime laws February 19, 2024
The issues arising from new cybercrime laws The issues arising from new cybercrime... February 12, 2024
Samsung introduces new S24 smartphones Samsung introduces new S24 smartphones February 5, 2024
How Denis O’Brien lost control of Digicel How Denis O’Brien lost control of... January 29, 2024
The end of the trolley bag: How the Judiciary made the Criminal Court digital The end of the trolley bag:... January 22, 2024
The Judiciary’s big digital transformation The Judiciary’s big digital transformation January 15, 2024
There will be blood There will be blood January 8, 2024
The razor’s edge – Tools for shaving The razor’s edge – Tools for... January 1, 2024
My favorite things: iOS apps My favorite things: iOS apps December 25, 2023
My favorite things: Android apps My favorite things: Android apps December 18, 2023
Which smartwatch: Apple or Galaxy? Which smartwatch: Apple or Galaxy? December 11, 2023

🤞 Get connected!

A once weekly email notification of new stories on TechNewsTT. Just that. No spam.

Possible UI Glitch. Click top right corner to dismiss 👉

Get Connected!

A once weekly email notification of new stories on TechNewsTT.

Just that. No spam.

1464
Share
Related posts
FeaturedPress Releases

Pinaka Consulting partners with Flexxon

By
2 Mins read
AI is an enabler.  Threat actors are getting better at communication in English using ChatGPT.
FeaturedNews Briefs

NIBTT closed to assess Boxing Day ransomware attack

By
4 Mins read
The NIBTT has reported the incident to the Trinidad and Tobago Cyber Security Incident Response Team (TT-CSIRT) under the Ministry of National Security.
FeaturedNews Briefs

Updated: AlphaV "unseizes" stolen PriceSmart data, releases 500GB of data

By
1 Mins read
AlphaV’s darkweb onionsite was siezed by a coalition of law enforcement agencies and shut down today.
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

1 Comment
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
trackback
Roundup: for the week ending 10 March 2024 | ICT Pulse – The leading technology blog in the Caribbean
1 month ago

[…] Caribbean – The Ransomware Roundhouse, a report on the state of ransomware in 2023 was launched last week with a webinar discussing the findings and their implications… more […]

0
Reply
wpdiscuz   wpDiscuz
×
FeaturedOpinion

What the blockchain tells us about the big business of ransomware

By
1
0
Share your perspective in the comments!x
()
x