Security & Fraud

New Strain Of Ransomware Striking US, European Firms 

Cyber insurance claims are spiking as a new type of ransomware targets companies across the U.S. and Europe, the The Financial Times reported on Sunday (Aug. 11).

Sodinokibi is on the attack, making higher ransom demands, hijacking companies’ systems and demanding bitcoin payment in exchange for a decryption key.

Cyber insurance security responder Tom Bennett of CFC Underwriting told the FT that claims surged in June and July.

“Ransomware groups tend to target people in the Anglosphere, who are seen as able to pay and deserving of what they get. They tend not to target poorer countries,” he told the FT, adding that payment demands are higher than usual.

“The threat actors realized they can amplify their impact by targeting specific companies such as managed service providers,” said Bennett. “They are getting into an administration system, finding lists of client credentials and then installing [Sodinokibi] on all the clients’ systems.”

Recent Sodinokibi ransom payoffs hit $150,000 and more compared to the average of under $50,000, insurance broker Gallagher told the FT.

Sodinokibi usually attacks through the victims’ systems or suppliers, with outsourced IT service providers being especially vulnerable.

“This type of aggregated scenario worries the insurers — one systemic issue leads to a lot of claims,” Tom Draper, head of cyber at Gallagher, told the FT. 

Sodinokibi’s creator is unknown, but Bennett told the FT that the bug is programmed to leave systems in the former Soviet states untouched.

Cyber insurance insiders believe Sodinokibi was spawned by the same hackers who created the ransomware GandCrab that struck earlier this year. The GandCrab bug was also put up for sale on the dark web to spread the attacks.

The pain points of cyberattacks go far beyond just getting a system up and running again. The full financial cost of a data breach can last two or three years. Then there is the reputational damage that can also last years.

——————————

PYMNTS LIVE ROUNDTABLE: TUESDAY, JULY 14, 2020 AT 12:00 PM (ET)

Digital transformation has been forcefully accelerated, but how does that agility translate into the fight against COVID-era attacks and sophisticated identity threats? As millions embrace online everything, preserving digital trust now falls mostly on banks and FIs. Now, advances in identity data and using different weights on the payment mix afford new opportunities to arm organizations and their customers against cyberthreats. From the latest in machine learning for fraud and risk, to corporate treasury teams working in new ways with new datasets, learn from experts how digital identity, together with advances like real-time payments, combine to engender trust and enrich relationships.

TRENDING RIGHT NOW