The cybersecurity firm has not explicitly accused China of being behind the attack, but the evidence suggests it was.
The post Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking appeared first on SecurityWeek.
Attackers are actively exploiting a zero-day vulnerability affecting some Palo Alto Networks’ customers’ firewalls, the security vendor said in an advisory Tuesday.
The critical memory corruption vulnerability — CVE-2026-0300 — affects the authentication portal of PAN-OS, and allows unauthenticated attackers to run code with root privileges on the vendor’s PA-Series and VM-Series firewalls, the company said.
Palo Alto Networks did not say when or how it became aware of active exploitation, nor when the earliest known exploitation occurred. The Cybersecurity and Infrastructure Security Agency added the defect to its known exploited vulnerabilities catalog Wednesday.
The company hasn’t released a patch for the vulnerability or described the scope and objective of confirmed attacks.
“This vulnerability is specific to a limited number of customers with their User-ID Authentication Portal (Captive Portal) exposed to the public internet or untrusted IP addresses. We have observed limited exploitation of this issue and are working to release software fixes, with the first updates expected to be available on May 13,” a Palo Alto Networks spokesperson told CyberScoop.
The company said firewalls exposed to the buffer-overflow vulnerability, which has a CVSS rating of 9.3, are broadly exposed in real-world deployments, and it described the attack complexity as low.
Shadowserver scans found more than 5,800 publicly exposed VM-Series firewalls running PAN-OS as of Tuesday, yet it’s unknown how many of those instances have restricted authentication access to trusted internal IP addresses or disabled the feature altogether.
“We have provided clear mitigation guidance to our customers to secure their environments immediately. This issue does not impact Cloud NGFW or Panorama appliances. We remain committed to a transparent, security-first approach to protect our global customer base,” Palo Alto Networks’ spokesperson added.
Benjamin Harris, CEO and founder of watchTowr, noted that Palo Alto Networks proactively alerted customers to the zero-day, a step that allowed defenders to take action on potentially exposed instances.
“In a bad situation, that is the best they can do immediately. However, that also alerts everyone to the existence of a vulnerability,” he told CyberScoop.
Despite the risk, Harris said watchTowr expects attacks linked to the zero-day exploit to be “very limited.”
Palo Alto Networks and its impacted customers remain the only parties to have observed exploitation in the wild, but researchers warn that will likely change soon.
“It’s likely rules will also start to fire in third-party organizations and honeypots shortly,” Caitlin Condon, vice president of security research at VulnCheck, told CyberScoop.
“Management interfaces, login pages, and authentication portals have been common adversary targets for both opportunistic and targeted campaigns in recent years,” she added. “With researcher and community eyes on the vulnerability, it’s likely that we’ll see public exploits and broader exploitation quickly, provided the issue isn’t prohibitively difficult to exploit.”
Palo Alto Networks has yet to attribute the attacks to any known threat group, publish indicators or compromise, nor disclose the type of organizations that have been targeted and impacted.
Researchers are hunting for malicious activity and advise customers to apply patches upon release.
The post A critical Palo Alto PAN-OS zero-day is being exploited in the wild appeared first on CyberScoop.
CVE-2026-0300 affects the Captive Portal service of PAN-OS software on PA and VM series firewalls.
The post Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls appeared first on SecurityWeek.
A pair of persistent and problematic threat groups affiliated with The Com are actively targeting organizations across multiple critical infrastructure sectors for rapid data theft and extortion attacks, according to CrowdStrike.
The financially-motivated attackers, which CrowdStrike tracks as Cordial Spider and Snarky Spider, have used voice-phishing and social engineering attacks to break into victims’ identity platforms and traverse SaaS environments since at least October 2025, the company said in a report Thursday, which it shared exclusively with CyberScoop prior to release.
Adam Meyers, senior vice president of counter adversary operations at CrowdStrike, said the subgroups composed of native English speakers primarily target U.S.-based organizations in the academic, aviation, retail, hospitality, automotive, financial services, legal and technology sectors.
This “new wave of ecrime threat actors” are closely aligned with Scattered Spider and linked to other subsets of The Com, including SLSH and ShinyHunters, Meyers said.
Because these attacks target identity systems and can expose data in other connected services beyond the initial breach point, it’s difficult to determine how many victims have been caught up in these campaigns.
CrowdStrike’s warning closely follows research Palo Alto Networks’ Unit 42 and the Retail & Hospitality Information Sharing and Analysis Center shared last week about Cordial Spider’s string of attacks targeting organizations in the retail and hospitality industry, among others.
Cordial and Snarky Spider have set lures via voice calls, text messages and emails directing targeting employees to phishing pages posing as their employer’s legitimate single sign-on page or primary identity provider, researchers said.
These phishing pages, which capture credentials, session keys or tokens, depending on the workflow, provide attackers an entry point into systems, which they exploit for widespread access across victims’ entire SaaS ecosystems.
Attackers use these initial hooks to remove and establish multi-factor authentication devices, then delete emails and other alerts that would otherwise warn organizations of potential malicious activity, researchers said.
The data theft for extortion campaigns share striking similarities, but CrowdStrike said the tactics, techniques and procedures for each subgroup are distinct. These variances include hours of operation, different phishing domain providers, preferred operating systems, data leak sites, and the tools or devices they used to register for multi-factor authentication.
The domain for BlackFile, Cordial Spider’s data-leak site, was offline as of Wednesday, according to Meyers.
CrowdStrike declined to put a range on the groups’ extortion demands, but Unit 42 previously said Cordial Spider, which is also tracked as CL-CRI-1116 and UNC6671, are typically in the seven-figure range.
Some victims that didn’t pay extortion demands have been subjected to DDoS attacks, and Snarky Spider has used more aggressive follow-on harassment tactics, including the swatting of victim organizations’ employees, Meyers said.
CrowdStrike said Cordial and Snarky Spider also use residential proxy networks — including Mullvad, Oxylabs, NetNut, 9Proxy, Infatica and NSOCKS — to evade IP-based detection and blend in with typical traffic.
Residential proxy networks, which rely on IP addresses assigned to real home users, can serve a legitimate purpose, but researchers have been warning that unethical or outright criminal operators are abusing these networks to build and support botnets, cybercrime campaigns, espionage and other malicious activity.
Cordial and Snarky Spider haven’t achieved the impact or technical capability of Scattered Spider, but the groups share many commonalities and objectives, Meyers said.
“They’ve kind of taken their playbook and they’re using a lot of their techniques, but we haven’t really seen the technical sophistication demonstrated by them that we saw from Scattered Spider,” he said. “It’s kind of the new generation of Scattered Spider.”
The post Two new extortion crews are speedrunning the Scattered Spider playbook appeared first on CyberScoop.
A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazil, KrebsOnSecurity has learned. The firm’s chief executive says the malicious activity resulted from a security breach and was likely the work of a competitor trying to tarnish his company’s public image.
An Archer AX21 router from TP-Link. Image: tp-link.com.
For the past several years, security experts have tracked a series of massive DDoS attacks originating from Brazil and solely targeting Brazilian ISPs. Until recently, it was less than clear who or what was behind these digital sieges. That changed earlier this month when a trusted source who asked to remain anonymous shared a curious file archive that was exposed in an open directory online.
The exposed archive contained several Portuguese-language malicious programs written in Python. It also included the private SSH authentication keys belonging to the CEO of Huge Networks, a Brazilian ISP that primarily offers DDoS protection to other Brazilian network operators.
Founded in Miami, Fla. in 2014, Huge Networks’s operations are centered in Brazil. The company originated from protecting game servers against DDoS attacks and evolved into an ISP-focused DDoS mitigation provider. It does not appear in any public abuse complaints and is not associated with any known DDoS-for-hire services.
Nevertheless, the exposed archive shows that a Brazil-based threat actor maintained root access to Huge Networks infrastructure and built a powerful DDoS botnet by routinely mass-scanning the Internet for insecure Internet routers and unmanaged domain name system (DNS) servers on the Web that could be enlisted in attacks.
DNS is what allows Internet users to reach websites by typing familiar domain names instead of the associated IP addresses. Ideally, DNS servers only provide answers to machines within a trusted domain. But so-called “DNS reflection” attacks rely on DNS servers that are (mis)configured to accept queries from anywhere on the Web. Attackers can send spoofed DNS queries to these servers so that the request appears to come from the target’s network. That way, when the DNS servers respond, they reply to the spoofed (targeted) address.
By taking advantage of an extension to the DNS protocol that enables large DNS messages, botmasters can dramatically boost the size and impact of a reflection attack — crafting DNS queries so that the responses are much bigger than the requests. For example, an attacker could compose a DNS request of less than 100 bytes, prompting a response that is 60-70 times as large. This amplification effect is especially pronounced when the perpetrators can query many DNS servers with these spoofed requests from tens of thousands of compromised devices simultaneously.
A DNS amplification and reflection attack, illustrated. Image: veracara.digicert.com.
The exposed file archive includes a command-line history showing exactly how this attacker built and maintained a powerful botnet by scouring the Internet for TP-Link Archer AX21 routers. Specifically, the botnet seeks out TP-Link devices that remain vulnerable to CVE-2023-1389, an unauthenticated command injection vulnerability that was patched back in April 2023.
Malicious domains in the exposed Python attack scripts included DNS lookups for hikylover[.]st, and c.loyaltyservices[.]lol, both domains that have been flagged in the past year as control servers for an Internet of Things (IoT) botnet powered by a Mirai malware variant.
The leaked archive shows the botmaster coordinated their scanning from a Digital Ocean server that has been flagged for abusive activity hundreds of times in the past year. The Python scripts invoke multiple Internet addresses assigned to Huge Networks that were used to identify targets and execute DDoS campaigns. The attacks were strictly limited to Brazilian IP address ranges, and the scripts show that each selected IP address prefix was attacked for 10-60 seconds with four parallel processes per host before the botnet moved on to the next target.
The archive also shows these malicious Python scripts relied on private SSH keys belonging to Huge Networks’s CEO, Erick Nascimento. Reached for comment about the files, Mr. Nascimento said he did not write the attack programs and that he didn’t realize the extent of the DDoS campaigns until contacted by KrebsOnSecurity.
“We received and notified many Tier 1 upstreams regarding very very large DDoS attacks against small ISPs,” Nascimento said. “We didn’t dig deep enough at the time, and what you sent makes that clear.”
Nascimento said the unauthorized activity is likely related to a digital intrusion first detected in January 2026 that compromised two of the company’s development servers, as well as his personal SSH keys. But he said there’s no evidence those keys were used after January.
“We notified the team in writing the same day, wiped the boxes, and rotated keys,” Nascimento said, sharing a screenshot of a January 11 notification from Digital Ocean. “All documented internally.”
Mr. Nascimento said Huge Networks has since engaged a third-party network forensics firm to investigate further.
“Our working assessment so far is that this all started with a single internal compromise — one pivot point that gave the attacker downstream access to some resources, including a legacy personal droplet of mine,” he wrote.
“The compromise happened through a bastion/jump server that several people had access to,” Nascimento continued. “Digital Ocean flagged the droplet on January 11 — compromised due to a leaked SSH key, in their wording — I was traveling at the time and addressed it on return. That droplet was deprecated and destroyed, and it was never part of Huge Networks infrastructure.”
The malicious software that powers the botnet of TP-Link devices used in the DDoS attacks on Brazilian ISPs is based on Mirai, a malware strain that made its public debut in September 2016 by launching a then record-smashing DDoS attack that kept this website offline for four days. In January 2017, KrebsOnSecurity identified the Mirai authors as the co-owners of a DDoS mitigation firm that was using the botnet to attack gaming servers and scare up new clients.
In May 2025, KrebsOnSecurity was hit by another Mirai-based DDoS that Google called the largest attack it had ever mitigated. That report implicated a 20-something Brazilian man who was running a DDoS mitigation company as well as several DDoS-for-hire services that have since been seized by the FBI.
Nascimento flatly denied being involved in DDoS attacks against Brazilian operators to generate business for his company’s services.
“We don’t run DDoS attacks against Brazilian operators to sell protection,” Nascimento wrote in response to questions. “Our sales model is mostly inbound and through channel integrator, distributors, partners — not active prospecting based on market incidents. The targets in the scripts you received are small regional providers, the vast majority of which are neither in our customer base nor in our commercial pipeline — a fact verifiable through public sources like QRator.”
Nascimento maintains he has “strong evidence stored on the blockchain” that this was all done by a competitor. As for who that competitor might be, the CEO wouldn’t say.
“I would love to share this with you, but it could not be published as it would lose the surprise factor against my dishonest competitor,” he explained. “Coincidentally or not, your contact happened a week before an important event – one that this competitor has NEVER participated in (and it’s a traditional event in the sector). And this year, they will be participating. Strange, isn’t it?”
Strange indeed.
Researchers warn that BlackFile, an extortion group likely associated with The Com, continues to impersonate IT support in voice-phishing and social engineering attacks that have impacted organizations in multiple industries, including healthcare, technology, transportation, logistics, wholesale and retail.
Attackers have been actively targeting organizations in the retail and hospitality industry since February, according to Unit 42’s latest intelligence on the campaign, which the Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) released alongside indicators of compromise Thursday.
The threat group, which is also tracked as CL-CRI-1116, UNC6671 and Cordial Spider, appears to be targeting victims opportunistically in a campaign that remains active and ongoing, Matt Brady, senior principal researcher at Palo Alto Networks’ Unit 42, told CyberScoop.
“The core objective of these threat actors is to pressure targeted organizations into paying large ransom demands, typically in the seven-figure range,” Brady said.
Unit 42 declined to say how many organizations have been impacted thus far, and RH-ISAC did not respond to a request for comment.
BlackFile’s attacks against companies in the retail and hospitality sector are part of a broader wave of voice-phishing attacks initiated by multiple cybercrime groups, which Google Threat Intelligence Group and Okta warned about in January.
Unit 42 also noted that BlackFile’s activities overlap with an ongoing data theft and extortion campaign CrowdStrike has been tracking as Cordial Spider since at least October 2025.
Yet, the threat group’s tactics have been far from cordial. RH-ISAC said some attackers have swatted company personnel, including executives, to increase leverage and pressure victims to pay their ransom demands.
The threat group lures victims via voice-phishing attacks and phishing pages mimicking corporate single-sign on services to steal credentials before moving into privileged accounts.
“They scrape internal employee directories to obtain contact lists for executives,” RH-ISAC wrote in a blog post. “By compromising these senior accounts via further social engineering, they gain persistent, broad-spectrum access to the environment that mirrors legitimate executive session activity.”
The group’s unauthorized access and data theft for extortion activity spans SaaS environments, Microsoft Graph API permissions, Salesforce API access, internal repositories, SharePoint sites and datasets containing employee’s phone numbers and business records.
BlackFile also created a data-leak site to extort victims that it claims ignored or failed to agree to its demands, according to researchers.
Brady said Unit 42 has observed relatively consistent activity from the threat group since February.
RH-ISAC advises organizations to manage multi-factor identity verification for callers and limit the IT support actions that can be completed in a single call without escalation to management.
The post BlackFile actively extorting data-theft victims in retail and hospitality sector appeared first on CyberScoop.
Attackers rarely exploit an edge-device vulnerability indiscriminately. Typically, they first test how widely the flaw can be used and how much access it can provide, then move on to steal data or disrupt operations.
Pre-attack surveillance and planning leaves a lot of noise in its wake. These signals — particularly spikes in traffic that are hitting specific vendors — can act as an early-warning system, often preceding public vulnerability disclosures, according to research GreyNoise shared exclusively with CyberScoop prior to its release.
Roughly half of every activity surge GreyNoise detected during a 103-day study last winter was followed by a vulnerability disclosure from the same targeted vendor within three weeks, GreyNoise said in its report.
Researchers determined that the median warning of an impending vulnerability disclosure arrived nine days before the targeted vendor issued a public alert to its customers.
“Virtually every time we see large scale spikes in reconnaissance and inventory activity looking for a certain device, it’s because somebody knows about a vulnerability,” Andrew Morris, founder and chief architect at GreyNoise, told CyberScoop.
“Within a few days or weeks — usually within the responsible disclosure timeline — a new very bad vulnerability comes out,” he added.
GreyNoise insists that every day of advance notice matters, giving defenders an opportunity to defend against and thwart potential attacks before they occur.
The real-time network edge scanning platform spotted 104 distinct activity surges across 18 vendors during its study period. These embedded systems, including routers, VPNs, firewalls and other security systems, consistently account for the most commonly exploited vulnerabilities.
“Attackers love hacking security devices like security appliances. The irony of that is just not lost on me at all,” Morris said.
“It hasn’t gotten bad enough for us to start taking the security of these devices seriously,” he added. “It’s not bad enough for us to take it seriously enough to start ripping these things out and replacing them with new devices or new vendors.”
GreyNoise linked traffic surges to a swarm of vulnerabilities disclosed by vendors across the market, including Cisco, Palo Alto Networks, Fortinet, Ivanti, HPE, MicroTik, TP-Link, VMware, Juniper, F5, Netgear and others.
“It’s becoming scientifically empirical, and it’s becoming more like meteorology than mysticism,” Morris said. “This is like clockwork now.”
GreyNoise breaks these traffic surges down to measure intensity and breadth. Session counts indicate how hard existing sources are hammering a specific vendor and unique source IP counts demonstrate how widely new infrastructure is joining the activity, researchers wrote in the report.
“When both the intensity and breadth of targeting increase simultaneously, it signals a coordinated escalation,” the report said.
“When you see a session spike against one of your vendors and new source IPs joining at the same time, treat it as a high-confidence reason to look harder. When you see only an IP spike, do not assume a vulnerability is coming,” researchers added.
The study bolsters other research from Verizon, Google Threat Intelligence Group and Mandiant — landing during what GreyNoise calls “the most aggressive period of edge device exploitation on record.”
This activity doesn’t happen in a vacuum and threat groups aren’t flooding edge devices with traffic for free or for fun, according to Morris.
“People tend to treat internet background noise like it’s this unexplainable phenomenon,” he said. “They’re clearly trying to test the existence of a vulnerability in order to compromise the systems.”
The post Network ‘background noise’ may predict the next big edge-device vulnerability appeared first on CyberScoop.
A critical-severity flaw could be exploited remotely, without authentication, to take over a vulnerable device.
The post Juniper Networks Patches Dozens of Junos OS Vulnerabilities appeared first on SecurityWeek.
The bugs could allow attackers to modify protected resources and escalate their privileges to administrator.
The post Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
Major technology companies have joined forces in an effort to use advanced artificial intelligence to identify and address security flaws in the world’s most critical software systems, marking a significant shift in how the industry approaches cybersecurity threats.
Anthropic announced Project Glasswing on Tuesday, bringing together Amazon, Apple, Broadcom, Cisco, CrowdStrike, the Linux Foundation, Microsoft, and Palo Alto Networks. The initiative centers on Claude Mythos Preview, an unreleased AI model that Anthropic will make available exclusively to project partners and approximately 40 additional organizations responsible for critical software infrastructure.
The model has already identified thousands of previously unknown vulnerabilities in its initial testing phase, including security flaws that have existed in widely used systems for decades, according to Anthropic. Among the discoveries is a 27-year-old bug in OpenBSD, an operating system known primarily for its security focus, and a 16-year-old vulnerability in FFmpeg, a widely used video software program that automated testing tools had failed to detect despite running the affected code line five million times. The company has been in contact with the maintainers of the relevant software, and all found vulnerabilities have been patched.
Anthropic will commit up to $100 million in usage credits for the project, along with $4 million in direct donations to open-source security organizations. The company has stated it does not plan to make Mythos Preview available to the general public, citing concerns about the model’s potential misuse.
The initiative reflects growing concerns within the technology sector about the dual-use nature of advanced AI systems. While Mythos Preview was not trained specifically for cybersecurity purposes, its coding and reasoning capabilities have proven effective at identifying subtle security flaws that have eluded human analysts and conventional automated tools.
“Although the risks from AI-augmented cyberattacks are serious, there is reason for optimism: the same capabilities that make AI models dangerous in the wrong hands make them invaluable for finding and fixing flaws in important software—and for producing new software with far fewer security bugs,” the company said in a blog post. “Project Glasswing is an important step toward giving defenders a durable advantage in the coming AI-driven era of cybersecurity.”
The project comes as the industry has predicted that similar AI capabilities will soon become more widespread. Anthropic executives have indicated that without coordinated action, such tools could eventually reach actors who might deploy them for malicious purposes rather than defensive security work.
Participating organizations will be required to share their findings with the broader industry. The project places particular emphasis on open-source software, which forms the foundation of most modern systems, including critical infrastructure, yet whose maintainers have historically lacked access to sophisticated security resources.
“Open source software constitutes the vast majority of code in modern systems, including the very systems AI agents use to write new software. By giving the maintainers of these critical open source codebases access to a new generation of AI models that can proactively identify and fix vulnerabilities at scale, Project Glasswing offers a credible path to changing that equation,” said Jim Zemlin, CEO of the Linux Foundation. “This is how AI-augmented security can become a trusted sidekick for every maintainer, not just those who can afford expensive security teams.”
Additionally, Anthropic says it has engaged in ongoing discussions with U.S. government officials regarding Mythos Preview’s capabilities. The company has framed the project in national security terms, arguing that maintaining leadership in AI technology represents a strategic priority for the United States and its allies. Anthropic has been locked in a high-stakes dispute with the Department of Defense about the U.S. military’s use of the startup’s Claude AI model in real-world operations.
The project’s success will depend partly on whether the collaborative approach can keep pace with rapid advances in AI capabilities. Anthropic has indicated that frontier AI systems are likely to advance substantially within months, potentially creating a dynamic environment where defensive and offensive capabilities evolve in parallel.
“Project Glasswing is a starting point,” Anthropic wrote in a blog post. “No one organization can solve these cybersecurity problems alone: frontier AI developers, other software companies, security researchers, open-source maintainers, and governments across the world all have essential roles to play. The work of defending the world’s cyber infrastructure might take years; frontier AI capabilities are likely to advance substantially over just the next few months. For cyber defenders to come out ahead, we need to act now.”
The post Tech giants launch AI-powered ‘Project Glasswing’ to identify critical software vulnerabilities appeared first on CyberScoop.
SAN FRANCISCO — The Trump administration’s two-week old cyber strategy that aims to promote more proactive, offensive actions while bolstering federal networks and critical infrastructure, is a significant shift that’s already materializing in meaningful ways, a group of experts said Monday at the RSAC 2026 Conference.
Despite the federal government’s absence from the industry’s largest annual gathering, and the long-anticipated document’s brevity, representatives from a major cybersecurity vendor, consulting, venture capital and law firm were quick to defend and evangelize the administration’s strategic actions in cyberspace.
The freshly-released strategy puts the federal government on firm footing to move beyond deterrence and into action, said David Lashway, partner and global leader of cybersecurity and national security at Sidley Austin.
“We are going to take offensive and defensive action with the most powerful cyber capability that the world’s ever seen, and hopefully will ever know,” he said.
This doesn’t mean, as some industry observers have suggested, that the Trump administration is pushing private companies to hack back.
The scale and whole of government response is the key difference between the latest federal cyber strategy and what administrations have called for over the past decade, Lashway said.
Instead of relying on private lawyers to get a nationwide injunction and collaborate with dozens of governments for massive takedowns, or government agencies collaborating with private security companies on a limited basis, the strategy aims to mobilize “the massive infrastructure and capability of the United States in a more coordinated way,” he added.
This strategic pivot won’t achieve all of its objectives immediately, but it’s already showing signs of impact, according to Lashway. “It’s been different since they issued the strategy,” he said. “We’ve already noticed a difference.”
Wendi Whitmore, chief security intelligence officer at Palo Alto Networks, said she’s also seen more collaboration in the private sector.
“While there’s no doubt challenges related to current staffing and the dynamic environment going on with the government, I have never before seen as much action and cooperation as we are seeing today, and that’s from every government agency that we’re working with,” Whitmore said.
“There is certainly a tremendous shift in the level of discussion that we get from the government today,” she added. “It’s a very proactive, kind of muscular dialogue that’s different from what I’ve previously seen.”
Experts said that earlier concerns about triggering backlash and worsening already fragile systems had kept the federal government from taking certain actions, but that caution is now being reconsidered.
“The government’s going to start punching people in the face,” said Jamil Jaffer, venture partner and strategic advisor at Paladin Capital Group.
Trump administration officials have told the private sector it wants their help and they need to be well defended, he added. “If we do live in glass houses, well, everyone’s going to need to start putting more glass up.”
Jaffer expects the Trump administration to prevent and respond to intrusions aggressively and publicly. “Half the problem with deterrence today is we don’t actually practice real deterrence when it comes to the cyber domain. We don’t punch people back,” he said.
The dynamic and proper response, to him, is akin to a child responding to a bully at school.
“If you get hit in the face, punch them back in the face,” Jaffer said. “Do it publicly. Everyone sees it. Less people come after you.”
The post Experts insist Trump administration’s cyber strategy is already paying off appeared first on CyberScoop.
A hacktivist group with links to Iran’s intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker’s largest hub outside of the United States, said the company sent home more than 5,000 workers there today. Meanwhile, a voicemail message at Stryker’s main U.S. headquarters says the company is currently experiencing a building emergency.
Based in Kalamazoo, Michigan, Stryker [NYSE:SYK] is a medical and surgical equipment maker that reported $25 billion in global sales last year. In a lengthy statement posted to Telegram, a hacktivist group known as Handala (a.k.a. Handala Hack Team) claimed that Stryker’s offices in 79 countries have been forced to shut down after the group erased data from more than 200,000 systems, servers and mobile devices.
A manifesto posted by the Iran-backed hacktivist group Handala, claiming a mass data-wiping attack against medical technology maker Stryker.
“All the acquired data is now in the hands of the free people of the world, ready to be used for the true advancement of humanity and the exposure of injustice and corruption,” a portion of the Handala statement reads.
The group said the wiper attack was in retaliation for a Feb. 28 missile strike that hit an Iranian school and killed at least 175 people, most of them children. The New York Times reports today that an ongoing military investigation has determined the United States is responsible for the deadly Tomahawk missile strike.
Handala was one of several hacker groups recently profiled by Palo Alto Networks, which links it to Iran’s Ministry of Intelligence and Security (MOIS). Palo Alto says Handala surfaced in late 2023 and is assessed as one of several online personas maintained by Void Manticore, a MOIS-affiliated actor.
Stryker’s website says the company has 56,000 employees in 61 countries. A phone call placed Wednesday morning to the media line at Stryker’s Michigan headquarters sent this author to a voicemail message that stated, “We are currently experiencing a building emergency. Please try your call again later.”
A report Wednesday morning from the Irish Examiner said Stryker staff are now communicating via WhatsApp for any updates on when they can return to work. The story quoted an unnamed employee saying anything connected to the network is down, and that “anyone with Microsoft Outlook on their personal phones had their devices wiped.”
“Multiple sources have said that systems in the Cork headquarters have been ‘shut down’ and that Stryker devices held by employees have been wiped out,” the Examiner reported. “The login pages coming up on these devices have been defaced with the Handala logo.”
Wiper attacks usually involve malicious software designed to overwrite any existing data on infected devices. But a trusted source with knowledge of the attack who spoke on condition of anonymity told KrebsOnSecurity the perpetrators in this case appear to have used a Microsoft service called Microsoft Intune to issue a ‘remote wipe’ command against all connected devices.
Intune is a cloud-based solution built for IT teams to enforce security and data compliance policies, and it provides a single, web-based administrative console to monitor and control devices regardless of location. The Intune connection is supported by this Reddit discussion on the Stryker outage, where several users who claimed to be Stryker employees said they were told to uninstall Intune urgently.
Palo Alto says Handala’s hack-and-leak activity is primarily focused on Israel, with occasional targeting outside that scope when it serves a specific agenda. The security firm said Handala also has taken credit for recent attacks against fuel systems in Jordan and an Israeli energy exploration company.
“Recent observed activities are opportunistic and ‘quick and dirty,’ with a noticeable focus on supply-chain footholds (e.g., IT/service providers) to reach downstream victims, followed by ‘proof’ posts to amplify credibility and intimidate targets,” Palo Alto researchers wrote.
The Handala manifesto posted to Telegram referred to Stryker as a “Zionist-rooted corporation,” which may be a reference to the company’s 2019 acquisition of the Israeli company OrthoSpace.
Stryker is a major supplier of medical devices, and the ongoing attack is already affecting healthcare providers. One healthcare professional at a major university medical system in the United States told KrebsOnSecurity they are currently unable to order surgical supplies that they normally source through Stryker.
“This is a real-world supply chain attack,” the expert said, who asked to remain anonymous because they were not authorized to speak to the press. “Pretty much every hospital in the U.S. that performs surgeries uses their supplies.”
John Riggi, national advisor for the American Hospital Association (AHA), said the AHA is not aware of any supply-chain disruptions as of yet.
“We are aware of reports of the cyber attack against Stryker and are actively exchanging information with the hospital field and the federal government to understand the nature of the threat and assess any impact to hospital operations,” Riggi said in an email. “As of this time, we are not aware of any direct impacts or disruptions to U.S. hospitals as a result of this attack. That may change as hospitals evaluate services, technology and supply chain related to Stryker and if the duration of the attack extends.”
According to a March 11 memo from the state of Maryland’s Institute for Emergency Medical Services Systems, Stryker indicated that some of their computer systems have been impacted by a “global network disruption.” The memo indicates that in response to the attack, a number of hospitals have opted to disconnect from Stryker’s various online services, including LifeNet, which allows paramedics to transmit EKGs to emergency physicians so that heart attack patients can expedite their treatment when they arrive at the hospital.
“As a precaution, some hospitals have temporarily suspended their connection to Stryker systems, including LIFENET, while others have maintained the connection,” wrote Timothy Chizmar, the state’s EMS medical director. “The Maryland Medical Protocols for EMS requires ECG transmission for patients with acute coronary syndrome (or STEMI). However, if you are unable to transmit a 12 Lead ECG to a receiving hospital, you should initiate radio consultation and describe the findings on the ECG.”
This is a developing story. Updates will be noted with a timestamp.
Update, 2:54 p.m. ET: Added comment from Riggi and perspectives on this attack’s potential to turn into a supply-chain problem for the healthcare system.
Update, Mar. 12, 7:59 a.m. ET: Added information about the outage affecting Stryker’s online services.
Cloudflare’s inaugural threat intelligence report identifies a series of weaknesses in technology that attackers have abused and industrialized into professional “attack factories,” leaving most organizations unprepared to respond.
Attackers are turning the very services victims deploy and pay for into tools for launching large-scale attacks. Researchers say the barrier to entry has vanished, as identities and tokens allow attackers to weaponize gaps in cloud-based systems.
Organizations’ environments are riddled with potential entry points. As the everything-as-a-service model spreads, systems become more interconnected and dependent on one another, and many software components are reachable in ways that make them nearly as accessible to attackers as to legitimate users.
“When one of those interconnections goes bad, all of a sudden everything’s gone south,” Blake Darché, head of Cloudflare’s threat intelligence unit Cloudforce One, told CyberScoop.
“Data is more accessible than ever, which is good for a lot of cases, but the threat actors are using that easy access to that data as a way to exploit people, systems and organizations,” he added. “It’s only going to get harder. I think some of the AI tools will make this even worse.”
Attackers have turned “the connective tissue of the modern enterprise into its primary vulnerability,” researchers wrote in the report.
Cloudflare expects attackers to routinely exploit platforms as a standard tactic this year. Cybercriminals, nation-states and others routinely use public cloud resources to blend in with legitimate traffic, provision infrastructure for operations and cast link-based phishing lures into emails that bypass or slip through ineffective protections, researchers wrote in the report.
Weaknesses in the seams of complex cloud environments are abundant and consequential, allowing identity-based attacks to achieve the same outcome as complex malware or zero-day exploits.
These blind spots make the traditional barometers for danger — an attackers’ demonstrated sophistication through elegant code or novel zero-days — effectively trivial, researchers wrote in the report.
“If you’re a business that just lost a million records, it doesn’t matter if the threat actor was sophisticated, unsophisticated, or a child,” Darché said.
Cloudflare argues the industry should reframe how it categorizes risk and take a more pragmatic approach: focus on “effectiveness,” measured by the ratio of an attacker’s effort to the operational outcome they achieve.
“It turns out, you don’t need to be sophisticated to be successful,” Darché said. “In the industry, we’re overly focused on sophistication of threats and that’s probably not what it’s about anymore, and it’ll become less about sophistication level over time.”
The far-reaching attack spree originating at Salesloft Drift last summer, which impacted Cloudflare and more than 700 additional companies through the third-party AI agent’s connection with Salesforce, exemplified the risks lurking in unexpected places in the supply chain.
The trusted relationships that these interconnected services rely on need to be further scrutinized, Darché said. “You as the data owner don’t even know where their data is going, and your exposure is just almost infinite.”
The post Attackers are using your network against you, according to Cloudflare appeared first on CyberScoop.
Palo Alto Networks announced Tuesday its plans to buy security startup Koi, a deal aimed at addressing the security risks emerging as organizations rapidly adopt agentic AI.
Terms were not disclosed, but Israeli business outlet Globes reported that Palo Alto will pay approximately $400 million. The deal is another among a trend of larger cybersecurity industry companies buying AI-focused security startups.
In a statement announcing the agreement, Palo Alto Networks argues that “agentic” tools are reshaping endpoint risk because they can act with broad privileges, interact with multiple systems and move data in ways that older security products were not designed to monitor. For years, endpoint protection emphasized detecting malicious files and stopping known malware techniques. The new concern described in the announcement centers on legitimate software that can become dangerous through compromise, misconfiguration or abuse. AI agents, in this framing, resemble highly capable insiders: they operate using a user’s credentials, can take actions on a user’s behalf and may do so automatically and at speed.
“AI agents and tools are the ultimate insiders,” said Lee Klarich, Palo Alto’s chief product & technology officer. “They have full access to your systems and data, but operate entirely outside the view of traditional security controls. By acquiring Koi, we will be closing this gap and setting a new standard for endpoint security. We will give our customers the visibility and control required to safely harness the power of AI — ensuring that every agent, plugin, and script is governed, verified, and secure.”
Palo Alto Networks says Koi’s technology would be integrated into its Prisma AIRS AI security platform and would enhance the company’s Cortex XDR endpoint product. The stated goal is better visibility into AI-driven activity on endpoints and additional controls over tools that fall outside conventional security monitoring.
Palo Alto Networks and Koi describe their approach moving forward as “Agentic Endpoint Security,” built around visibility into AI-related software, continuous risk analysis and real-time policy enforcement. The language suggests an attempt to define a new product category at a moment when enterprises are still deciding how to govern AI tools that are proliferating through developer workflows and everyday office software.
The proposed acquisition also signals how major security vendors may respond to enterprise AI adoption: by packaging agent governance, monitoring and control into endpoint and cloud security portfolios, and by treating AI-driven automation as a distinct source of risk rather than a feature layered onto existing defenses.
The acquisition is the second AI-focused deal for Palo Alto in the plast six months. In November, the company announced it was acquiring Chronosphere, an AI-focused observability firm, for $3.35 billion.
The post Palo Alto Networks’ Koi acquisition is all about keeping AI agents in check appeared first on CyberScoop.
Identity is still the primary entry point for cyberattacks, according to Palo Alto Networks’ threat intelligence firm Unit 42. In its annual incident response report released Tuesday, Unit 42 found that identity-based techniques accounted for nearly two-thirds of all initial network intrusions last year.
Social engineering was the leading attack method, accounting for one-third of the 750 incidents Unit 42 responded to in the one-year period ending in September 2025. Attackers also bypassed security controls with compromised credentials, brute-force attacks, overly permissive identity policies and insider threats, researchers said.
The persistent pitfalls of identity extended beyond initial access, with an identity-related element playing a critical role in nearly 90% of all incidents last year. Unit 42’s report highlights the explosive impact of identity abuse, and pins much of the problem on poor security controls and misconfigurations across interconnected tools and systems.
“Across the attack lifecycle, the biggest thing is that once you have an identity, you’ve got everything, you’ve got the key and you’re in,” Sam Rubin, senior vice president of consulting and threat intelligence at Unit 42, told CyberScoop. “From a defense standpoint, enterprises are still not very good at finding the signal in the noise, essentially the detection when an identity-based tactic is used because there isn’t unauthorized access per se from a technical telemetry standpoint, and it becomes a harder detection mechanism.”
Vulnerability exploits, an ever-moving target, were still prolific and accounted for 22% of initial intrusions across attacks, but humans remain the weakest link, Rubin said.
The rise of machine-based identities and AI agents, which require an identity to take action, is expanding the attack surface for cybercriminals. Identity challenges are manifesting in the software supply chain as well, as API access and SaaS integrations become another weak link and way in for attackers if control keys aren’t properly controlled.
An attack on Salesloft Drift customers last summer highlighted how tightly integrated services can unravel and expose victims that are multiple layers removed from the vendor. More than 700 organizations were impacted directly, but Salesloft Drift’s integrations with dozens of third-party tools opened many additional paths of potential compromise.
More broadly, attackers are jumping from branch offices into a victims’ headquarters or data centers because too many accounts remain over permissioned and cloud-based accounts are established with too much privilege or a lack of segmentation, Rubin said.
These gaps allow threat groups to turn break-ins into significant attacks.
“We just see this time and again that there could have been better identity-based practices that would have constrained the blast radius, even if it didn’t stop the initial access,” Rubin said.
“It’s a problem of signal and noise,” he added. “Think about a global enterprise and all of this authenticated, legitimate activity happening every day. How do you see and identify the one instance where a user is already authenticated but doing something that they shouldn’t do?”
Large and older organizations are at a greater disadvantage, Rubin said. Over time, their technology stacks have evolved to include legacy systems acquired through various business deals. This leaves IT teams managing a patchwork of disparate systems that are poorly integrated, creating significant security vulnerabilities.
“We forgot as defenders to consider the entire attack chain, because too often we see the defense happens in silos,” Rubin said, adding that attacks that pivot from endpoints to cloud-based services are commonly missed.
Each of those jumps gives defenders a chance to thwart attacks. Nearly 90% of the attacks Unit 42 investigated last year involved malicious activity across multiple attack surfaces.
Financially motivated attacks accounted for most of the 750 incidents Unit 42 responded to last year. Unit 42 did not say how many of those attacks resulted in payments, but it said median payments increased 87% year-over-year to $500,000 last year.
Attackers continue to pick up speed as well, exfiltrating data from victim networks under a median duration of two days. Attackers stole data in under one hour in 22% of the attacks Unit 42 responded to last year.
Unit 42’s annual look-back spotlights critical areas of concern and attack trends that continue to take root, yet it’s not comprehensive. The report’s visibility is limited to incidents that went from bad to worse and prompted victims to seek help from Unit 42.
“The hardest thing about incident response in cybersecurity,” Rubin said, “is there is no one global spot for how much is going on.”
The post Unit 42: Nearly two-thirds of breaches now start with identity abuse appeared first on CyberScoop.
Ransomware negotiation is a dark but widely acknowledged reality in the cybersecurity industry — one that many argue is a necessary practice, even if it largely occurs out of sight. Brokering payments and terms with cybercriminals who hold organizations’ data and operations hostage places security professionals in a fraught position that requires them to balance a responsibility to meet their clients’ needs without fueling the spread of financially-motivated crime.
The pitfalls of ransomware negotiation are excessive — pinning the goals of cybercrime against victims and incident response firms that typically face no good options. Negotiators are charged with ensuring their clients don’t break any laws by financially supporting sanctioned criminals, but they also have to consider the lines they won’t cross without betraying their moral compass.
These backchannel negotiations can go awry for various reasons. Many people involved in ransomware negotiation prefer to share very little about what transpires in these discussions, a decision that ensures the terms of ransomware payments remain largely unscrutinized.
Yet, many security companies and professionals spoke to CyberScoop about the challenges and benefits of ransomware negotiation after two of their own became turncoats. The former incident responders, Ryan Clifford Goldberg and Kevin Tyler Martin, were moonlighting as ransomware operators and pleaded guilty last month to a series of ransomware attacks in 2023.
“There’s no structured community of practice, no peer review, and no recognized body to certify or hold negotiators accountable,” Jon DiMaggio, principal at XFIL Cyber, told CyberScoop. “It’s one of the few areas of cybersecurity with no real standards, an unregulated tradecraft that still operates like the Wild West.”
This uneven approach manifests across the landscape, particularly among the top incident response firms, which have varying levels of comfort with ransomware negotiations. CrowdStrike and Mandiant draw a firm line, refraining from providing ransomware negotiation services to clients.
If a client is considering paying a ransomware group, Mandiant will explain the options and let the client decide. The Google-owned company will also share what it knows about the group’s reputation for honoring terms and provide a list of third-party vendors that specialize in ransomware negotiation.
Adam Meyers, head of counter adversary operations at CrowdStrike, is firmly in the don’t-pay-ransoms camp. But he, too, recognizes it’s not always that simple.
“No good comes from paying them,” but sometimes in extreme cases when the choice is between a business’s downfall or potentially putting the people you serve at risk of significant harm, victims don’t have a choice but to pay the ransom, Meyers said.
Palo Alto Networks Unit 42 takes things to the finish line, but stops before payment. “The boundary for us is we don’t perform ransomware payments. That’s actually an intentional decision on our end to separate those out,” Steve Elovitz, vice president of consulting at Unit 42, told CyberScoop.
“We will perform negotiations when requested by our clients, but we will not perform the payments,” he added. “There’s the complexity side of it, but there’s also just the moral side of it — not wanting to be involved, really, in the transaction itself.”
The red lines in ransomware response — viewing stolen or illegal data on dark web forums, collecting that information, engaging with cybercriminals, negotiating and, ultimately, submitting payment — can push those involved beyond their comfort zones, said Sean Nikkel, lead cyber intelligence analyst at Bitdefender.
These self-imposed limits highlight how secretive ransomware negotiations tend to be, which creates a vacuum in which criminals thrive, DiMaggio said.
“The lack of transparency isolates everyone,” he said. “Victims don’t know what’s normal or fair, law enforcement is often left guessing, and the criminals use that silence to control the narrative and drive up their prices.”
Nikkel asserts some secrecy is necessary, yet ransomware negotiators are “operating without a license and it kind of freaks me out a little bit,” he said.
Professional certifications exist for many lines of intelligence work, but there’s nothing for ransomware negotiation, he added.
DiMaggio, who has infiltrated ransomware groups to investigate their operations, dox their leaders and chronicle stories that would otherwise go untold, said victim organizations constantly make the same mistakes because lessons from these attacks are rarely shared.
“Until the industry finds a responsible way to collect and analyze anonymized negotiation data, we’ll keep fighting each case in the dark,” he said. “Transparency isn’t about shaming victims — it’s about denying criminals the advantage of secrecy.”
Open sharing of ransomware negotiations is a non-starter for many important reasons, experts said. These communications contain privileged information that could tip attackers off to counterstrategies or empower them with information they can use as leverage to further compromise victims.
“It would be difficult to do that in a way that doesn’t compromise the practice,” said Kurtis Minder, the co-founder and former CEO of GroupSense who published a book in July about his experiences as a ransomware negotiator.
Cynthia Kaiser, who joined Halcyon’s ransomware research center as senior vice president after 20 years with the FBI, shares that view.
“You don’t want to do anything that re-victimizes the victim,” she said. “If that information goes out, that should be their choice.”
The “darkness” about negotiations doesn’t merit the same emphasis as the need to better understand “how insidious and gross all these ransomware attacks are, and who they’re attacking,” Kaiser added.
“That’s the only way we can really grapple with the actual extent of the threat, and that’s not happening right now,” she said. “That information doesn’t get out there enough.”
Minder got pulled into his first ransomware negotiation in 2019 by accident and against his best intentions. “Somewhat reluctantly, I agreed to do more and then it sort of snowballed on us,” he said. “We didn’t really want to do this.”
Since then, Minder has been involved in hundreds of ransomware negotiations for major companies and small businesses who he volunteered to help in his personal time.
There is no litmus test for what makes a good negotiator, but soft skills and emotional intelligence are critical, he said.
“Empathy is one of the most important things,” Minder added. “Not sympathy — empathy — being able to effectively put yourself in the bad guys’ shoes is super powerful.”
As ransomware attacks have grown, so too has the mixed motivations of attackers attempting to extort victims for payment.
Attacker volatility has increased in the past four years and complicated the considerations negotiators must heed in their response, said Lizzie Cookson, senior director of incident response at Coveware by Veeam.
Some attackers are “eager to get paid, but they’re also in it for the notoriety, for the bragging rights, for the media attention,” said Cookson, who’s worked as ransomware negotiator for more than a decade. “That’s where we start to encounter more concerning behavior — more hostility, threat actors threatening violence, making threats against people’s family members.”
These cases, which occur much more often now, are more likely to result in broken promises — data leaks after a ransom was paid to avoid such an outcome or follow-on extortion demands, she said.
Indeed, cybercriminals consistently pull new threads to amplify the pressure they place on victims. This includes elements of physical extortion wherein ransomware groups call and threaten executives, claiming they know where the executives’ kids go to school, where they live and how they get to work, said Flashpoint CEO Josh Lefkowitz.
These threats put business leaders in precarious, unexpected positions that challenge their preconceived notions about how they’d respond to a cyberattack, Lefkowitz said.
Ransomware negotiation requires practitioners to navigate between doing what’s necessary and what’s right, DiMaggio said. “The key is to treat every negotiation as a crisis with human consequences, not just a transaction.”
Ransomware negotiators tend to run through common checklists based on patterns they’ve experienced, but each incident is unique and requires some level of improvisation.
Matt Dowling, senior director of digital forensic and incident response at Surefire Cyber, said ransomware operators, on the whole, are more trustworthy now than when he first got involved in negotiations in 2019. The practice, he said, has also improved because threat intelligence is more useful, making negotiations a data- driven effort.
Dowling separates ransomware operators into two groups: named and unnamed. Named groups are more trustworthy because they have a reputation to uphold, while unnamed groups are more likely to re-extort victims and deviate from the standards of ransomware negotiation, such as not providing proof of their claims.
Still, he said, most payments result in positive outcomes for the victims. The lowest payment Dowling has facilitated came in around $6,000, and the largest was about $8 million, he said.
Some negotiations end abruptly without further incident. These cases typically involve charities or non-profits, according to Minder.
One case he worked on involved a charity that provided free screenings for breast cancer. In that incident, he simply asked the attackers: “Why are you doing this? These people don’t have any extra money.”
The attackers walked away after the organization agreed to pay a $5,000 ransom to cover what the ransomware group claimed amounted to costs it incurred to conduct the attack — a significant discount from their initial demand of $2 million.
When cases involving data extortion come to a close, negotiators will ask for proof the data was deleted, which is impossible to confirm. Some attackers, who are especially proud of their work will provide detailed reports about how they gained access — information that helps the victim and incident responders understand how and what occurred.
Experts said the number of people involved in ransomware negotiations can be quite large when lawyers, insurance providers and law enforcement is involved. The duration of these back-and-forth compromises can last for a couple hours or up to three months.
Negotiators also employ generally similar strategies to achieve their client’s objectives at the lowest possible payment.
Threat intelligence on ransomware groups can guide negotiators toward a more gentle or aggressive approach, but in all cases “the threat actor, at the outset, has all the leverage,” Dowling said.
“The leverage that you have is the threat actor wants to get paid. The only way they’re going to get paid is if you come to an agreement,” he added.
Every ransomware negotiator CyberScoop spoke with remarked on the importance of delay. “Time is always our friend,” Cookson said. “Every day that passes after the initial incident is an opportunity for us to get more visibility so that they can make those decisions with a lot more confidence and make those decisions based on actual data, not based on fear and emotion.”
Initial outreach from negotiators working on behalf of a victim should be short and simple, allowing attackers to do most of the talking up front, Minder said. Negotiators should also avoid discussion of any financial numbers or positional bargaining as long as possible, he said.
Cursing or adopting combative language is a hard no-no for Minder as well. “There are ways to convey disappointment in the messages that aren’t fighting words,” he said. “They’re humans. They have egos, so you have to keep that in mind.”
Delay tactics are designed to get the attackers to question their own demand before the negotiator ever puts a number in writing, Minder said.
Moreover, it’s not just about the money — ransomware operators are seeking validation, and a sense that they’re in control and winning, he said.
The worst outcomes involve victims that rush to make a payment, assuming that will make all the pain go away, Cookson said.
Ransomware is a thriving criminal enterprise, amounting to a combined $2.1 billion in payments during the three-year period ending in December 2024 and about 3,000 total attacks in 2023 and 2024, according to the Treasury Department’s Financial Crimes Enforcement Network.
Businesses, of course, see opportunity in all of that activity and boutique firms have assembled teams to support victim organizations by engaging in ransomware negotiations on their behalf in the wake of attacks.
This ancillary industry fosters additional ethical challenges, especially when there’s a built-in financial incentive for ransomware negotiations to occur and, in some cases, result in payments.
A general lack of transparency in billing puts the practices of some of these firms under heavier scrutiny. Some firms charge a flat fee or hourly rate, while others use a contingency model based on the percentage of the ransom reduction they’re able to achieve, DiMaggio said.
“It’s not the norm across the industry, but it happens, and it introduces a clear conflict of interest,” he added. “When a negotiator’s income depends on the ransom outcome, it blurs the line between representing the victim and profiting from the crime.”
While some ransomware negotiation providers do, indeed, charge a small percentage off the ransom payment, victim organizations should avoid hiring any firm that employs that model, Elovitz said.
“If you’re making a percentage of the payment, then at least there’s some financial incentive to not negotiate it down as far as you might otherwise,” he added.
DiMaggio would like to see more clarity around how service providers set prices for ransomware negotiation. Absent that, he said, “the industry will keep living in a moral gray zone, one where good intentions can unintentionally sustain the very ecosystem we’re trying to dismantle.”
Ransomware negotiation remains an ill-defined, largely unrestricted practice, absent any collective industrywide agreement on rules of engagement.
Any effort to define rules upon which the industry can coalesce could potentially pit competitors against one another, leaving room for those more willing to bend the norms an opportunity to win business by providing less scrupulous services.
Negotiators are effectively unfettered once they ensure they’re not breaking any laws by engaging with or sending money to sanctioned criminals.
Still, there’s an unmet need for checks and balances, oversight, transparency and a standardized set of rules for negotiators to follow without crossing any professional or personal lines.
Part of the challenge with external oversight lies in the act of negotiation, an art that requires intermediaries to build limited trust with attackers spanning conversations that may not play well in the public sphere, Elovitz said.
“Putting that under a microscope could inhibit the good guys more than the bad,” he said. Payments themselves, however, could benefit from more scrutiny, Elovitz added.
Clarity in purpose should prevail above all of these factors.
Protecting victims without empowering criminals is the first principle of ransomware negotiation, but that balance can’t be managed in the dark, DiMaggio said.
“I’ve seen firsthand how the lack of oversight allows abuse from both sides of the table,” he said.
To prevent manipulation, DiMaggio called for a standardized framework, vetted negotiators, recorded and auditable communications and anonymized after-action reviews.
“Without accountability, the victims end up paying twice,” he said. “Once to the criminals, and again to the people who claim to save them.”
The scars from years spent as a ransomware negotiator brought Minder back to where his intuition was before he ever got involved. “I don’t believe this should be a business. I say that having been paid to do this,” he said.
“It’s almost like a parasitic industry,” Minder said. “You’re profiting from victims.”
The post The thin line between saving a company and funding a crime appeared first on CyberScoop.
Login