DarkSide May Not Stay Dark For Long

There are few more serous forms of hacking than malware attacks designed to extort Ransom. Ransomware denies the computer owner the ability to make further use of the computer systems. In some cases, it has resulted in the loss of life because critical medical systems were attacked and could not be brought back live on time. One of the most potent Ransomware groups is known as  Darkside

DarkSide is believed to be based in Russia, but is not sponsored by the government there and they have previously claimed that its members are not allowed to mount attacks on targets in Russia, Ukraine, Georgia, or Belarus, suggesting some toleration of their criminal activity by these states. 

When US President Joe Biden met  Russian president Vladimir Putin at a summit in Switzerland this month, he called for mutual cooperation to end the ransom  exploits of Darkside and other Russian-based hackers, who are accused by the US Government of being responsible for both the Colonial Pipeline and the much larger SolarWinds attacks.

While DarkSide, was allegedly disbanded after carrying out the Colonial Pipeline ransomware attack, they may come back soon, using the same method under a different name, according to US intelligence sources

Research published recently by London-based blockchain analytics firm Elliptic appears to show that DarkSide extorted more than $90m in Bitcoin before supposedly halting its illegal activities. US cyber security experts have warned that 'certain countries' were turning a blind eye to the cyber criminal activity emanating from within their borders. 

Speaking to reprters, the acting Director of the National Counter Intelligence and Security Center Michael Orlando said: "We do know that countries like Russia and China, Iran and others certainly create safe havens for criminal hackers as long as they don’t conduct attacks against them."But that’s a challenge for us that we’re going to have to work through as we figure out how to counter ransomware attacks."

Assistant Attorney General of the Department of Justice’s National Security Division John Demers told CNBC that the Colonial Pipeline attack highlighted the issue of "nation-states serving as safe havens for criminal cyber-actors." Demers said that "nation-states aren’t doing their part to investigate and root out hacking activity happening within their borders." He went on to suggest that DarkSide, far from going dark, could be "just off renaming themselves.... Groups like that will come back.”

CNBC:     Elliptic:     TechRepublic:   Infosecurity Magazine:   The Cybersecurity:    Intellfence:   jioforme:  Image: Unsplash

You Might Also Read:

Russian Spy Chief Says SolarWinds Was An Inside Job:

 

« Remote Working & Cyber Security
Negotiating Ransom: To Pay Or Not? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / Zero Trust Network Access Guide

Perimeter 81 / Zero Trust Network Access Guide

Curious how you can Implement a Zero Trust roadmap with insights from Gartner? Download this free report for a limited time only.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Axiomatics

Axiomatics

Axiomatics provides dynamic authorization and access control solutions to protect critical data assets.

Seagate

Seagate

Seagate data storage systems are purpose-built for enterprise and data centre performance, scalability, reliability and security.

CyberOwl

CyberOwl

CyberOwl's early warning system uses a probabilistic framework to systematically aggregate uncertain and disparate security events to provide real-time visibility of threats to every asset.

Datacom Systems

Datacom Systems

Datacom Systems is a leading manufacturer of network visibility solutions.

NT Cyfence

NT Cyfence

CAT Cyfence is the IT Security services business unit of CAT Telecoms.

Cybersecurity Innovation Hub

Cybersecurity Innovation Hub

The main objective of the Hub is to bring cybersecurity and other advanced technologies closer to companies and as a result help to increase their performance as Industry 4.0.

Cyber Readiness Institute (CRI)

Cyber Readiness Institute (CRI)

At the Cyber Readiness Institute, our mission is simple: empower small and medium-sized enterprises with free tools and resources to help them become more secure and resilient.

SideChannel

SideChannel

At SideChannel, we match companies with an expert virtual CISO (vCISO), so your organization can assess cyber risk and ensure cybersecurity compliance.