Cable krebs ransomwhere2/18/2023 “Ransomwhere is a great example of how members of the cybersecurity community are working together to try to combat ransomware,” she said via email. She also said that while it might offer an avenue for organizations cautious about disclosing data to government agencies to share information, it won’t be a complete database. Nickels told CyberScoop she thought that Cable’s idea “comes with some challenges,” namely in verifying the accuracy of data submitted to the site. In terms of total payments received, the NetWalker gang leads all-time in the data Cable has collected to date, with more than 3,000 payments compared to nearly 750 payments to Ryuk, the gang receiving the second most. Anyone can download the resulting database. He’s been working to build a starting trove of information since, tracking nearly $57 million in payments so far. He’s also hoping to team up with other security and blockchain analysis companies that track ransomware data via other means.Ī June tweet about the ransomware data gap from Katie Nickels, director of intelligence for cybersecurity company Red Canary, helped inspire Ransomwhere, Cable said. ![]() “Having public transparency around the impact of ransomware, especially as we’re proposing and considering different actions to try to combat ransomware - we’ll need a way of seeing whether those actions actually work,” Cable said in an interview with CyberScoop.Ĭable, who besides his college studies works as a security architect at the Krebs-Stamos Group consultancy and a hacker at the Defense Department’s Defense Digital Service, said he will head the crowdsourcing project in his spare time. That’s the impetus behind a project that Stanford University student and security researcher Jack Cable launched on Thursday, dubbed “ Ransomwhere ,” a plan to track payments to bitcoin addresses associated with known ransomware gangs. That, combined with the suspicious that most victims don’t, report their digital extortion payments, makes it harder for law enforcement and security firms to combat attacks, or even understand how to fight them. So far, Cable relies only on publicly available materials to expand its database, but the researcher told The Record that he is already exploring “the possibility of partnerships with analytical companies in the field of information security and blockchain to integrate the data they may have about the victims.Ransomware has never been more of a national security concern after a string of hacks against the fuel supplier Colonial Pipeline, meat giant JBS and perhaps thousands of others compromised after breach at a large IT firm.įew people, if any, seem to grasp the breadth and cost of the scourge, as there are no legal requirements for victims to disclose when they pay hackers to unlock their network. The creator of the project hopes that the anonymous exchange of payment data through a third-party service, such as Ransomwhere, will remove some barriers in the information security community, such as nondisclosure agreements and business competition. The main idea is to create a centralized system that tracks payments sent by hackers, which will allow them assessing the scale of their profits and operations more accurately, about which very little is known. Then this address will be indexed in the public database. ![]() ![]() In general, the site is very simple: it allows victims of ransomware attacks and security specialists to transfer copies of their ransom notes to Ransomwhere, as well as report the amount of the ransom and the bitcoin address to which the victims transferred the payment. Unfortunately, such a database can be easily corrupted by fake material, but to counter this, Cable plans to study all submissions, and in the future plans to add a voting system for individuals so that reports can be flagged as fake. This database, devoid of any personal information, will be available to information security specialists and law enforcement officers for free download. Jack Cable, Stanford’s student and Krebs Stamos Group cybersecurity researcher created the Ransomwhere project that is free and open database of payments that have been transferred to various ransomware hack groups.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |