Windows TCO Leftovers
-
The Record ☛ Exclusive: UK to propose mandatory reporting for ransomware attacks and licensing regime for all payments
But the new obligation on victims to report ransomware attacks could depend on the successful replacement of Action Fraud, the country’s official fraud and cybercrime reporting platform. Earlier this year officials from the City of London Police admitted that the replacement service, which is being built by outsourcer Capita, was delayed.
It is not yet clear how the licensing regime would work. While the move is expected to complement the mandatory reporting requirement and potentially help some victims realize they had an alternative to making an extortion payment, there are concerns that in some cases the application process could delay recovery and potentially increase the harm and disruption caused by a ransomware attack.
-
The Register UK ☛ Ransomware innovation slowdown a product of crims' success
The number of new ransomware strains in circulation has more than halved over the past 12 months, suggesting there is little need for innovation given the success of the existing tools used by top gangs.
Only 43 new ransomware families were observed in 2023, according to Rapid7's research published today, a stark decrease from 95 the previous year.
-
The Register UK ☛ ARPA-H pledges $50M for hospital IT security auto-patching
ARPA-H has called this program Universal PatchinG and Remediation for Autonomous DEfense, or UPGRADE for short. The agency basically wants techies to get together and build a suite of software tools that can scan for vulnerabilities and weaknesses in hospital computer systems, and then automatically deploy patches for identified threats, developing and testing fixes and mitigations as needed.
As such, the agency this week invited teams to apply for funding totaling tens of millions of dollars to create UPGRADE and see it through to completion.
-
YLE ☛ [Intruder] could have personal information of every schoolkid in Helsinki, City says
City authorities announced last week that the data breach affected about 80,000 parents and guardians, but this figure is now estimated to be 150,000. The [intruder] also gained access to the information of around 38,000 City employees.
-
City of Helsinki ☛ Ongoing investigation shows wider target group for the City of Helsinki data breach
With progress made on the investigation into the 30 April data breach, it has emerged that the perpetrator may have gained access to a larger amount of information on the customers of the Education Division’s services. The possible number of people impacted by the data breach is likely to rise.