Forensic Update

Reflections on information management within the legal and regulatory arena

Posts Tagged ‘CyberSecurity’

Today’s #GoodGuysPrevail Update…

Posted by Johnny Lee on November 9, 2021

This one is a sequel to the wonderful news reported last week (whereby the Russian-based #REvil gang was forced offline) … there have now been arrests related to same!

Last week’s reporting, about a multi-national #lawenforcement operation taking REvil offline, can now be updated to include the arrests of two individuals. This brings the number of Sodinokibi / REvil / GandCrab arrests (all variations of the same odious theme) to seven individuals since February 2021.

These individuals are believed to be responsible for over 7,000 deployments of this complex and devastating ransomware, resulting in hundreds of millions of dollars in extortion revenue. To call this a multi-national effort is to understate things quite a bit; the countries involved in the take-down and related arrests include: Australia, Belgium, Canada, France, Germany, the Netherlands, Luxembourg, Norway, Philippines, Poland, Romania, South Korea, Sweden, Switzerland, Kuwait, the United Kingdom, and the United States.

These efforts, in combination with new initiatives from the international law-enforcement community, are most welcome developments. A great example of the changing nature of this ransomware game can be found in the U.S. Department of State’s recent announcement of a $10M “bounty” for information leading to the arrest of those involved with the #Darkside #ransomware activities (q.v., https://lnkd.in/dkxAXXAH).

#cybersecurity #hacking #cyberdefense #cyberwarfare #digitalforensics #dfir #databreach #karma #justice #cyber

Posted in eDiscovery

Today’s #GoodGuysPrevail Update…

Posted by Johnny Lee on July 12, 2021

Yet another international #lawenforcement operation has netted seizures of a #cybercrime organization’s assets based in Russia. The threat actors in question here ran the #DoubleVPN service, a Russian-based service that double, triple, and even quadruple-encrypts data sent through its infrastructure. This service was used by malicious actors to obfuscate geolocations and originating IP addresses when performing cyber attacks.

As always, these kinds of inquiries represent exhaustive forensics and diligent investigative efforts. The key players involved in the takedown are the Politie Nederland (Dutch National Police), supported by Europol. Kudos to all involved in this initiative!


#crimeandjustice #cybersecurity #police #infosec #informationsecurity #security #databreaches

Posted in eDiscovery

 