The city hall of Oldsmar, Florida (Photo: City of Oldsmar)
Investigators at industrial cybersecurity specialist Dragos say an employee of the water treatment plant in Oldsmar, Florida, where a cyberattack was thwarted, had visited an infected website the same day, but that apparently played no role in the security incident.
The city worker visited the infected website, which belongs to a general contractor in Florida that services the water and waste industries, writes Kent Backman, an adversary hunter at Dragos. The visit occurred on Feb. 5, the same day that an attacker attempted to increase the levels of lye that would be added to the city's water, an action that was spotted and stopped (see:
Fellow, Team Cymru
David has been with Team Cymru since 2007. Prior, he served in the US Marine Corps as a Non-Commissioned Officer. He then worked at Indiana University where he helped to build some of the most powerful computational systems of their day. He transitioned to cybersecurity and helped launch the Research and Education Networking ISAC. At Team Cymru, he has been an engineering leader, a Community Services team member, and a security analyst. David led efforts to secure the firm’s intelligence infrastructure and established processes the firm relies on today. Currently, David assists CSIRT teams worldwide and fosters data sharing partnerships.
BankInfoSecurity
DougOlenick • May 18, 2021
Ransom payment amounts generated by DarkSide ransomware (Source: Elliptic)
The DarkSide ransomware gang apparently collected over $90 million in ransom payments from about 47 victims, including Colonial Pipeline Co., since the gang began operating in August 2020, according to the blockchain analytics firm Elliptic, which says it analyzed bitcoin wallet activity.
Using the ransomware-as-a-service model, the DarkSide gang, which says it shut down operations as of May 13, provided malware to affiliates, who infect targeted computer systems and negotiate ransom payments. The DarkSide gang reportedly took a 25% share for ransoms less than $500,000, gradually decreasing to a 10% share for ransoms greater than $5 million, with the affiliates getting the remainder, writes Tom Robinson, Elliptic's co-founder and chief scientist, in a blog Tuesday.