At a glance.
- UK's NCA and NCSC release a study of the cybercriminal underworld.
- HijackLoader's growing share of the C2C market.
- WinRAR vulnerability explained. Spyware in malicious Telegram apps.
- Russia's hacker diaspora in Turkey.
- Russian cyber diplomat warns against US escalation in cyberspace.
- Update on Starlink's availability in the Black Sea.
UK's NCA and NCSC release a study of the cybercriminal underworld.
The UK’s National Cyber Security Centre (NCSC) and National Crime Agency (NCA) have published a report looking at ransomware’s place in the cybercrime ecosystem, outlining the attack chain used by ransomware actors. The agencies believe a broad view of the ransomware landscape is necessary to address the problem more effectively. “While on the surface, an attack can be attributed to a piece of ransomware (such as Lockbit), the reality is more nuanced, with a number of cyber criminal actors involved throughout the process. Tackling individual ransomware variants – something which the NCSC and NCA are frequently challenged on – is akin to treating the symptoms of an illness, and is of limited use unless the underlying disease is addressed. Taking a more holistic view by understanding the elements of the wider ecosystem allows us to better target the threat actors further upstream, in addition to playing ‘whack-a-mole’ with the ransomware groups.” For more on the NCA and NCSC report, see CyberWire Pro.