At a glance.
- Babuk ransomware described.
- Mixed signals on healthcare and ransomware?
- ByteDance offers to settle TikTok privacy class action suit.
Babuk ransomware described.
McAfee yesterday released a study of Babuk, a new strain of ransomware detected early this year. Its operators follow the now-routine ransomware-gang practice of doxing victims as well as encrypting their files to render them inaccessible. Babuk is another entry into the ransomware-as-a-service market, whose operators hawk it in both Russophone and Anglophone criminal-to-criminal souks. It uses the familiar attack vectors common in the ransomware space: phishing emails, of course, but also exploitation of compromised accounts and access gained through unpatched systems with known vulnerabilities.
Babuk’s criminal customers seem, so far, to be most interested in hitting victims in the transportation, healthcare, plastics, electronics, and agricultural sectors. Their activity has extended to a number of geographical regions, and the malware doesn’t use the sorts of local language checks often employed to keep the operators out of hot water in countries whose legal systems tend to be vigilant and unforgiving. McAfee’s notes on Babuk see an interesting division of labor across its two principal linguistic communities. The operators will use an English-language forum for announcements, but a Russian-language forum for “affiliate recruitment and ransomware updates.”
Mixed signals on healthcare and ransomware.
Recorded Future reports that ransomware attacks on healthcare organizations seemed to drop off during January. "There were just two ransomware attacks on healthcare organizations in January," the report said, "a fourfold decrease from the monthly average in 2020. State and local governments reported four ransomware incidents in January—that compares to 14 attacks in December of last year and 15 attacks from one year prior." It's unclear why the number of attacks fell, and it's also unclear whether the change represents the beginning of a long-term trend or amounts to nothing more than a temporary anomaly. Some high-profile crackdowns on ransomware gangs might, Recorded Future thinks, offer some grounds for optimism, but it's too soon to tell.
In any case, healthcare organizations remain attractive targets. Their data are valuable and sensitive, and the organizations themselves find securing their networks a challenge. Darren Guccione, CEO of Keeper Security, emailed comments on the security challenges the healthcare sector faces:
“Ransomware has become a lucrative business for cybercriminals. These attacks take little technical expertise to launch, with almost an immediate payday. The problem we're seeing is that many healthcare organizations simply don’t know how to protect against ransomware. There are immediate steps they can take to harden their defenses, starting with password security. Weak or stolen passwords are responsible for over 80% of data breaches. In addition, organizations should subscribe to a Dark Web monitoring service. These services scan Dark Web forums and notify organizations in real-time if any of their employee passwords have been compromised, allowing IT administrators to force password resets right away.”
ByteDance settles suit over TikTok data collection.
The Wall Street Journal reports that TikTok's corporate parent has reached a settlement in a class action suit alleging misuse of children's and teenagers' personal data. In a settlement filed in the US District Court for the Northern District of Illinois, ByteDance has agreed to pay $95 million to establish a victims' compensation fund in response to class action suits alleging that the company's TikTok social media platform violated user privacy. The plaintiffs alleged that "the TikTok app infiltrates its users' devices and extracts a broad array of private data including biometric data and content the Defendants use to track and profile TikTok users for the purpose of, among other things, ad targeting and profit." The Journal quotes a TikTok representative as saying, “While we disagree with the assertions, rather than go through lengthy litigation, we’d like to focus our efforts on building a safe and joyful experience for the TikTok community.”