Law enforcement deals blow to REvil/Sodinokibi operations and more ransomware and phishing news

Published 11/18/21, 9:30am

Cybersecurity news from the week of 11/08/21

This week we recap some big news in the world of ransomware involving arrests and indictments against several notorious ransomware operators. We also highlight some of the continuing ransomware problems, including recent attacks and tactics. In addition, we take a look at the continuing challenge with phishing, which remains the number one cyberthreat problem affecting businesses.

• ‘GoldDust’ operation shuts down REvil
• Ransomware News: Magniber gang; Comic book distributor gets hit; Operation Cyclone and more
• Phishing new roundup: One Font BEC campaign, BazarBackdoor malware, and HTML smuggling 

Cybersecurity news final thoughts

With the news of the GoldDust operation, the question at the forefront of many cybersecurity minds is whether the recent arrests, indictments, sanctions will have an impact on the world of ransomware. While it remains unlikely that the notorious REvil/Sodinokibi gang are gone for good (the masterminds behind the operation remain at large), security experts are guardedly optimistic that the increasing collaboration between global law enforcement, governments, and private cybersecurity firms can have a noticeable impact on the ransomware scourge.

Cybersecurity professionals are also quick to point out that REvil/Sodinokibi is only the tip of the iceberg when it comes to ransomware activities, with several other equally dangerous and repulsive ransomware gangs operating worldwide, ready to jump in to fill any gaps left by REvil.

Fortunately, it appears that the current tactics are working. As we mentioned in our August blog “Will $10 million bounties, executive orders, and sanctions solve the ransomware problem?”, one thing is definitely clear: stopping ransomware attacks will unquestionably involve multiple approaches, tools, agencies, industries, experts, and governments working collectively.