fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

US Recovers Most of Colonial Pipeline’s $4.4M Ransomware Payment

US Recovers Most of Colonial Pipeline’s $4.4M Ransomware Payment

The US Department of Justice has recovered the majority of the $4.4 million ransom payment paid by Colonial Pipeline to the DarkSide ransomware operation.

On May 7th, Colonial Pipeline suffered a DarkSide ransomware attack that forced them to shut down their fuel pipeline operation. This shutdown led to temporary gas shortages on the east coast as people began to rush to stock up on gasoline.

Due to the critical nature of the outage, Colonial Pipeline paid a $4.4 million ransom to the DarkSide ransomware operation that allowed them to receive a decryption key and quickly bring their systems back online.

Faced with increased scrutiny by the US government and law enforcement, the DarkSide ransomware gang shut down their operation.

Also Read: PDPA Compliance Singapore: 10 Areas to Work on

DOJ recovers a portion of ransom payment

In a Justice Department press conference, the US Department of Justice announced today that seized a cryptocurrency wallet used by DarkSide ransomware that contained the ransom payment from Colonial Pipeline.

In an affidavit submitted to the U.S. Court for the Northern District of California, an FBI agent states that law enforcement gained control of a private key belonging to a DarkSide Bitcoin wallet holding the Colonial Pipeline ransom payment.

Having access to a cryptocurrency wallet’s private key allows for full access to the wallet and its funds.

Using this private key, the FBI recovered 63.7 Bitcoins of the approximately 75 Bitcoin payment sent by Colonial Pipeline. With the significant decrease in the price of Bitcoins since the payment, the recovered bitcoins are worth roughly $2.26 million at today’s prices.

It is not clear how the FBI gained access to the private key for the DarkSide wallet, but on May 14th, the ransomware gang claimed to have lost access to one of their payment servers.

“In addition, a couple of hours after the seizure, funds from the payment server (belonging to us and our clients) were withdrawn to an unknown account,” the DarkSide ransomware operation told its affiliates.

If the private key was stored on this server to send payments to their affiliates, it is possible that the FBI recovered it when law enforcement seized the server.

Deputy Attorney General Lisa O. Monaco states that this is the first operation of this kind conducted by the recently launched Ransomware and Digital Extortion Task Force.

“The seizure announced today was conducted as part of the Department’s recently launched Ransomware and Digital Extortion Task Force, which was established to investigate, disrupt and prosecute ransomware and digital extortion activity.  This is the Task Force’s first operation of this kind.”

Also Read: What Does a Data Protection Officer Do? 5 Main Things

This recovery may be the first time the US government has publicly stated that they have recovered a ransom payment paid to a ransomware operation.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us