fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Governments Worldwide To Crack Down On Ransomware Payment Channels

Governments Worldwide To Crack Down On Ransomware Payment Channels

Senior officials from 31 countries and the European Union said that their governments would take action to disrupt the cryptocurrency payment channels used by ransomware gangs to finance their operations.

The joint statement was issued following the virtual Counter-Ransomware Initiative meetings facilitated this week by the White House National Security Council in response to ongoing attacks that revealed significant vulnerabilities across critical worldwide infrastructure.

It was issued by ministers and representatives from Australia, Brazil, Bulgaria, Canada, Czech Republic, the Dominican Republic, Estonia, European Union, France, Germany, India, Ireland, Israel, Italy, Japan, Kenya, Lithuania, Mexico, the Netherlands, New Zealand, Nigeria, Poland, Republic of Korea, Romania, Singapore, South Africa, Sweden, Switzerland, Ukraine, United Arab Emirates, the United Kingdom, and the United States.

Also Read: In Case You Didn’t Know, ISO 27001 Requires Penetration Testing

Blocking ransomware gangs’ abuse of cryptocurrency

Publicly disclosed ransomware payments have reached almost $500 million worth of cryptocurrency globally during the last two years ($400 million in 2020 and over $80 million in Q1 2021).

Mitigating the abuse of virtual assets on a global scale would impact the business model and the main instrument used by the ransomware cybercrime groups to collect ransoms from their victims and launder the funds obtained in attacks targeting organizations around the world.

The Counter-Ransomware Initiative hopes to drain their funding and take down their operations by disrupting the ransomware groups’ funding channels.

“We acknowledge that uneven global implementation of the standards of the Financial Action Task Force (FATF) to virtual assets and virtual asset service providers (VASPs) creates an environment permissive to jurisdictional arbitrage by malicious actors seeking platforms to move illicit proceeds without being subject to appropriate anti-money laundering (AML) and other obligations,” the officials said.

“We are dedicated to enhancing our efforts to disrupt the ransomware business model and associated money-laundering activities, including through ensuring our national AML frameworks effectively identify and mitigate risks associated with VASPs and related activities.”

Also Read: 4 Considerations In The PDPA Singapore Checklist: The Specifics

The efforts to disrupt ransomware groups’ abuse of cryptocurrency will include regulators, financial intelligence units, and law enforcement regulating, supervising, investigating, and taking action against virtual asset exploitation.

“We will also seek out ways to cooperate with the virtual asset industry to enhance ransomware-related information sharing,” the officials added.

The states behind this action will leverage their financial institutions and infrastructure to jointly fend off ransomware activity targeting international partners’ critical infrastructure.

Complementary efforts will also include disrupting the ransomware ecosystem through law enforcement collaboration, improving network resilience to prevent attacks, addressing ransomware criminals’ safe-havens, and diplomatic engagement to encourage other countries to address ransomware operations active within their territory.

Ongoing effort to disrupt ransomware threats

In September, the U.S. Treasury Department announced its first-ever sanctions against a cryptocurrency exchange for facilitating ransom transactions for ransomware gangs and helping them evade sanctions.

The U.S. government has also levied sanctions against other threat actors and entities associated with ransomware gangs in recent years.

Two years ago, in 2019, the U.S. charged multiple members of the Evil Corp for stealing more than $100 million and added them to the Office of Foreign Assets Control (OFAC) sanctions list.

Evil Corp has been linked to multiple ransomware families over the years, including WastedLockerHadesPhoenix CryptoLocker, and PayLoadBin.

In October, the U.S. Treasury also warned that ransomware negotiators could face civil penalties for facilitating ransom payments if they involved ransomware gangs already on its sanctions list.

In July, Interpol urged police agencies and industry partners worldwide to fight together against the ransomware threat after G7 leaders asked Russia to crack down on ransomware gangs operating within its borders.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us