

Ransomware syndicates are focusing their attacks on backup systems in order to maximize their financial gains





Data backups have become a top target for ransomware actors, according to a report from a cybersecurity company.

A startling 94% of organizations that experienced ransomware attacks in the previous year reported that the attackers made an effort to compromise their backup systems, according to a recent study by Sophos that involved polling about 3,000 IT and security experts from 14 different countries.

For organizations in the government, media, leisure, and entertainment sectors, the percentages were even higher, reaching 99%.

The report outlined the two primary methods for recovering encrypted data in a ransomware attack: restoring from backups or opting to pay the ransom.

“By compromising an organization’s backups, ransomware actors can severely limit the victim’s ability to recover encrypted data, thereby increasing the pressure to pay,” stated the researchers.

“It has become a routine occurrence for these individuals during their attacks,” commented Curtis Fechner, the head of cybersecurity threats at Optiv, a Denver-based provider of cybersecurity solutions.

He mentioned to TechNewsWorld that they constantly attempt to locate and render the backups inaccessible. One aspect of their strategy for earning money involves identifying the backups, as they aim to maximize their potential revenue from an attack.

“By taking your backups offline and using them as leverage for recovery, I have increased the likelihood of you paying. Furthermore, I can exploit your desperation to extract even more from you. I understand that you’re in a difficult situation,” Fechner added.

Growing Threat

According to Ilia Sotnikov, a security strategist and the vice president of user experience at Netwrix, an IT security software company headquartered in Frisco, Texas, enterprise ransomware was not very sophisticated when it first emerged about 10 years ago.

The ransomware quickly spread through the system by taking advantage of weak configurations or vulnerabilities and encrypting any data it came across. According to him, the victim was forced to pay a ransom in order to regain access to their operations.

“The cybersecurity industry has implemented a comprehensive security strategy that includes enhanced protection and detection capabilities, as well as a strong focus on backup and recovery practices,” he stated. Due to their expertise, organizations were able to successfully deflect the majority of attacks, significantly reducing the number of successful ones. Additionally, they gained valuable knowledge on how to efficiently restore systems and operations without resorting to paying a ransom.

Furthermore, he explained that the ransomware strategy underwent changes to enhance the likelihood of success by exploring alternative methods to overcome security measures. Malware has become increasingly difficult to detect and combat. The criminals began to allocate additional time to the reconnaissance stage in order to pinpoint and focus on the most vulnerable information. Groups such as Maze and LockBit began to extract the company’s data and introduced the additional risk of a public data leak alongside the encryption, a tactic referred to as double extortion.

“Since then,” he noted, “ransomware attackers have also begun targeting the backups to render recovery impossible or excessively expensive, compelling the victims to pay the ransom.”

Backups are currently down, while ransom demands are on the rise.

According to Sophos, victims whose backups were compromised faced ransom demands that were typically more than twice as high as those whose backups were not. For victims with compromised backups, the median ransom demands amounted to US$2.3 million, while those with uncompromised backups faced demands of $1 million.

Backups are essential for the smooth operation of organizations. According to Darren Guccione, CEO of Keeper Security, a password management and online storage company in Chicago, if the backup is compromised and the organization falls victim to a cyberattack, they may become more desperate to regain access to their networks and data.

“Attackers are well aware of the impact of denying access to backups, which leaves organizations in a vulnerable position and with limited choices other than complying with exorbitant ransom demands in order to retrieve their data,” he explained to TechNewsWorld.

The Sophos research provided evidence to support the fact that organizations with compromised backups are unable to negotiate with ransomware actors. It was discovered that organizations with compromised backups ended up paying an average of 98% of the ransom demanded, while those without compromised backups paid 82%.

According to the report, organizations that had their backups compromised were significantly more inclined to pay the ransom in order to retrieve their encrypted data (67%), compared to those whose backups remained unaffected (36%).

Increased Cost of Restoration

Victims who have compromised backups not only face the burden of paying higher ransoms, but they also incur additional costs when it comes to recovering from an attack.

The median overall recovery costs for organizations whose backups were compromised were eight times higher at $3 million, compared to those whose backups were not impacted at $375,000.

Guccione outlined the various expenses that organizations face when they become targets of ransomware attacks. These include the financial impact of disrupted operations and harm to their reputation, the extensive efforts required for recovery in the short and long term, the actual ransom payment, and the potential consequences of fines and legal obligations.

“When a ransomware attack affects backups as well, it greatly extends the restoration process. Organizations are then required to rebuild their systems, data, and other crucial configurations,” he explained. If a breach involves a loss of sensitive data, especially if it includes personally identifiable information or falls under data protection regulations like GDPR or HIPAA, organizations may face additional legal and regulatory expenses.

As per the Sophos report, organizations with compromised backups experience longer recovery times from ransomware attacks. Just 26% of organizations that had their backups compromised were able to recover within a week after an attack, in contrast to 46% of those that did not have compromised backups.

Offline Backups: Balancing Security and Cost

There are various factors that contribute to the difference in restoration times between organizations with compromised and uncompromised backups, as highlighted in the report. One significant factor is the extra effort required to restore data from decrypted sources instead of well-prepared backups. Additionally, the presence of weaker backup protection may suggest less resilient defenses and a greater need for subsequent rebuilding efforts, according to the statement.

According to Narayana Pappu, the CEO of Zendata, a data collection, management, and sharing company based in San Francisco, backups usually lack the same level of security controls as production systems.

“Implementing logging, security measures, access controls, and testing on backup systems would be highly beneficial,” he advised TechNewsWorld. In addition, it is crucial to have redundant backups stored in various locations, including both cloud storage and offline storage. Implementing a comprehensive disaster recovery strategy can significantly minimize downtime.

According to Fechner, offline backups are effective in protecting against threats to backups, but they can also be quite costly. “Having backups that are offline and inaccessible to attackers is crucial,” he emphasized. However, considering the financial constraints faced by numerous organizations, particularly those in the small to medium business category, targeting backups remains a lucrative strategy for attackers.

As Editor here at GeekReply, I'm a big fan of all things Geeky. Most of my contributions to the site are technology related, but I'm also a big fan of video games. My genres of choice include RPGs, MMOs, Grand Strategy, and Simulation. If I'm not chasing after the latest gear on my MMO of choice, I'm here at GeekReply reporting on the latest in Geek culture.


Threads finally starts its own program to check facts





Meta’s latest social network, Threads, is launching its own fact-checking initiative after leveraging Instagram and Facebook’s networks for a brief period.

Adam Mosseri, the CEO of Instagram, stated that the company has recently implemented a feature that allows fact-checkers to assess and label false content on Threads. Nevertheless, Mosseri refrained from providing specific information regarding the exact timing of the program’s implementation and whether it was restricted to certain geographical regions.

It is not clear which organizations are Meta’s fact-checking partners for Threads. We have requested additional information from the company and will revise the story accordingly upon receiving a response.

The upcoming U.S. elections appear to be the main driving force behind the decision. India is currently in the midst of its general elections. However, it is improbable that a social network would implement a fact-checking program specifically during an election cycle rather than initiating the project prior to the elections.

In December, Meta announced its intention to implement the fact-checking program on Threads.

“At present, we align the fact-check ratings from Facebook or Instagram with Threads. However, our objective is to empower fact-checking partners to evaluate and assign ratings to misinformation on the application,” Mosseri stated in a post during that period.



Google developed several pioneering social applications for Android, such as Twitter and various others





Here is a lesser-known piece of startup history that may not be widely known outside of the technology companies themselves: Google itself developed the initial iterations of well-known Android applications, such as Twitter. The revelation was made during a recent podcast featuring Sara Beykpour, the former senior director of product management at Twitter and current co-founder of the AI news startup Particle.

Beykpour discusses her involvement in Twitter’s past in a podcast with Lightspeed partner Michael Mignano. She details her employment at Twitter in 2009, where she started as a tools engineer, during a time when the company had a workforce of approximately 75 individuals. Subsequently, Beykpour transitioned to working on mobile applications at Twitter during a period when third-party applications were gaining traction on different platforms, such as BlackBerry and iOS. Twitter bought one of those applications, Loren Brichter’s Tweetie, and used it as the basis for its initial official iOS app.

Beykpour stated that Twitter’s Android app originated from Google.

The Twitter for Android client was a prototype app that Google created and gave to them, according to her statement on the podcast. “During that period, Google developed all the popular social apps such as Foursquare and Twitter, resulting in a similar appearance among them.”

Mignano interrupted, requesting clarification on the matter. Did Google develop applications in order to encourage companies to adopt Android?

“Yes, precisely,” Beykpour replied.

Following that, Twitter took over control of the Google-developed Android app and started to improve its features. According to her, Beykpour was the company’s second Android engineer.

Google documented its efforts on the Android Twitter client in a blog post in 2010. However, the media coverage during that time failed to acknowledge Google’s contribution, resulting in this aspect of internet history being overlooked. Google’s post details the integration of early Android best practices into the Twitter app. Beykpour informed TechCrunch that Virgil Dobjanschi, the post’s author, held the primary role of software engineer.

“We were expected to direct any inquiries to him,” she recalls.

Beykpour also recounted additional anecdotes regarding Twitter’s early stages. As an example, she was involved in the development of Vine, Twitter’s video app, after returning to Twitter from working at Secret. She faced pressure to release Vine on Android before Instagram launched its own video product. According to her, she managed to meet the deadline by introducing Vine approximately two weeks prior to the release of Instagram Video.

The latter had a significant impact on Vine’s metrics, and according to Beykpour, it was the main factor that caused the downfall of the popular app.

She claimed that, even though it took several years for Vine to finally shut down, “that was the day when the signs of its demise became evident.”

At Twitter, Beykpour spearheaded the discontinuation of Vine, an application that remains highly popular, to the extent that even Elon Musk, the new owner of Twitter/X, continues to playfully hint at its potential revival. However, Beykpour believes that Twitter made a sound decision regarding Vine, as she acknowledges that the app was not experiencing growth and was costly to maintain. She concedes that others may have a different perspective, possibly contending that Vine lacked sufficient resources or support from leadership. However, the ultimate reason for the closure was Vine’s effect on Twitter’s financial performance.

Beykpour also recounted a captivating anecdote regarding her experience working on Periscope. She left Secret and joined the startup just as Twitter purchased it. She recalls the necessity of rejoining Twitter using an alias in order to maintain secrecy about the acquisition for a period of time.

During her presentation on Twitter, she also discussed the challenges associated with acquiring the necessary resources to create and enhance products and features specifically designed for power users, such as journalists.

“Twitter faced difficulties in defining its user,” she stated, as it “relied heavily on conventional OKRs and metrics.” However, it was a reality that only a small proportion of individuals engage in tweeting, and within this subset, only a portion of them are responsible for creating the content that is truly desired by everyone. Beykpour acknowledges that quantifying this subset was a challenging task.

Currently at Particle, her expertise in developing Twitter is influencing the approach for the AI news application, which aims to facilitate the connection between individuals and the news that is relevant to their interests and happening in their vicinity.

“Particle represents a new approach to consuming your daily news,” Beykpour states in the podcast. The objective of the app is to offer a comprehensive and diverse outlook on news while also granting users access to journalism of exceptional quality. The startup is seeking alternative methods to generate revenue from reporting, in addition to advertisements, subscriptions, or micropayments. Nevertheless, the precise details of Particle’s approach are still under deliberation. The startup is presently engaging in discussions with potential publisher partners regarding the remuneration for their contributions.



Mark Zuckerberg reports that Threads has a total of 150 million users who engage with the app on a monthly basis





Threads, Meta’s alternative to Twitter and X, is experiencing consistent and steady growth. During the Q1 2024 earnings call, Mark Zuckerberg stated that the social network currently has over 150 million monthly active members, which is an increase from 130 million in February.

Threads made significant progress in integrating with ActivityPub, the decentralized protocol that powers networks such as Mastodon, during the last quarterly earnings conference. In March, the firm granted U.S.-based users who are 18 years of age or older the ability to link their accounts to the Fediverse, enabling their posts to be seen on other servers.

By June, the business intends to make its API available to a broad range of developers, enabling them to create experiences centered on the social network. Nevertheless, it remains uncertain whether Threads will enable developers to create comprehensive third-party clients.

Meta just introduced its AI chatbot on various platforms like Facebook, Messenger, WhatsApp, and Instagram. Threads was conspicuously omitted from this list, perhaps because of its lack of built-in direct messaging capabilities.

Threads introduced a new test feature on Wednesday that allows users to automatically archive their posts after a certain length of time. Additionally, users have the ability to store or remove specific postings from an archive and make them accessible to the public.

Threads is around nine months old, and Meta has consistently expanded its readership. Nevertheless, Threads cannot be considered a viable substitute for X, as Instagram’s head, Adam Mosseri, explicitly stated in October that Threads will not “amplify news on the platform.” However, Meta’s social network continues to grow in popularity. According to app analytics company Apptopia, Threads now has more daily active users in the U.S. than X, as Business Insider reported earlier this week.
