The month of April was busy in the world of cybersecurity. This month’s roundup covers an FBI report on a new ransomware service (RaaS) targeting organizations around the globe, a new government agency focused on cybersecurity, and two exciting new updates for SSL.com products.
FBI Warns of New Ransomware Service That Has Attacked 60 Organizations Worldwide
In the past several months, cybercriminals have been continuously detected offering a new ransomware-as-a-service (RaaS) known by the names BlackCat/ALPHV/Noberus. From its initial discovery in November of last year to March 2022, BlackCat has been able to target at least 60 organizations in various countries.
A Federal Bureau of Investigation (FBI) flash report from April 19, 2022 states: “BlackCat/ALPHV ransomware leverages previously compromised user credentials to gain initial access to the victim’s system. Once the malware establishes access, it compromises Active Directory user and administrator accounts. Initial deployment of the malware leverages PowerShell scripts, in conjunction with Cobalt Strike, and disables security features within the victim’s network.”
The FBI includes the following as strategies to help organizations from being victimized by ransomware:
- Review domain controllers, servers, workstations, and active directories for new or unrecognized user accounts.
- Audit user accounts with administrative privileges and configure access controls with least privilege in mind.
- Use multifactor authentication where possible.
- Require administrator credentials to install software.
SSL.com’s Takeaway: Ransomware costs companies worldwide billions of dollars every year, and paying cybercriminals is increasingly discouraged because evidence shows that there is no assurance that they will be true to their words once they are paid. Please read our article Preventing Ransomware with Digital Certificates for more information about these kinds of attacks and what you can do to prevent them. Additionally, we would like to announce the upcoming release of our new Client Authentication Digital Certificates which can help combat ransomware attacks. SSL.com ClientAuth Certificates protect an organization’s critical systems by providing an extra layer of security to sensitive data and digital assets. Even if passwords are compromised, these certificates ensure that only the verified individuals or organizations are granted access to a server. Stay tuned for the official release of our ClientAuth Certificates!
US Department of State Officially Opens New Cybersecurity Government Agency
On April 4, 2022, the US State Department officially opened the Bureau of Cyberspace and Digital Policy (CDP), a new government agency tasked with improving the country’s cyber defense and creating policies that will protect privacy and data on the internet.
The CDP aims to assist other US government agencies and organizations in responding to home-grown cybersecurity threats as well as attacks that are done by cybercriminals from other countries. It has three policy units that will cater to security policy, international communications and information policy, and digital freedom.
During the opening ceremony, Secretary of State Anthony Blinken is quoted as saying: “The last few years have made evident how vital cybersecurity and digital policy are to America’s national security. We’re in a contest over the rules, infrastructure, and standards that will define our digital future.”
This new government agency comes in light of large-scale cyber attacks that have been dealt against several institutions in the country in the last two years, including the 2020 cyber espionage against IT company SolarWinds, the May 2021 ransomware attack against the country’s major diesel pipeline system Colonial Pipeline, and the September 2021 ransomware attack against large farming cooperative NEW Cooperative.
SSL.com’s Takeaway: We look forward to the cybersecurity benefits that this new agency will bring. We have known for a long time that the best method for governments to protect their websites, data, and transactions is by acquiring tried and tested Public Key Infrastructure (PKI) services from cybersecurity professionals. Head over to our PKI and Digital Certificates for Government article to learn how we help government institutions strengthen their cybersecurity through PKI.
SSL.com’s eSigner Cloud Key Adapter now integrates with Windows ClickOnce for Code Signing
SSL.com’s eSigner CKA can now integrate with ClickOnce using Visual Studio 2019 and 2022 to perform both manual and automated EV code signing for downloadable software. This is a feature upgrade for eSigner CKA, our free Windows-based application, that acts like a virtual USB token and enables automated EV code signing in CI/CD processes.
As is common knowledge, Microsoft Visual Studio is an integrated development environment (IDE) that is a standard tool among software developers due to its cross-platform support, high-quality code testing features, and freeware status.
We have integrated the capabilities of eSigner CKA with the versatile features of ClickOnce and Microsoft VS to help engineers perform EV code signing for their software without having to keep external USB tokens or familiarize themselves with networked HSMs which can be complex. eSigner CKA provides ease of code signing and Microsoft Visual Studio complements this with its collaborative interface.
If you would like to know how you can perform EV code signing using eSigner CKA and ClickOnce, please read our article ClickOnce eSigner Cloud Key Adapter Integration.
SSL.com soon to release Adaptable Driver for Venafi
For our company update, we have partnered with Venafi in developing the SSL.com Adaptable Driver for Venafi. Our adaptable driver will make it easier than ever to automate certificate provisioning, keep up on expirations and revocations, protect client access and easily manage your encryption services.
Venafi leads the way when it comes to machine identity protection by securing the cryptographic keys and digital certificates of companies and governments all over the world. This global positioning of Venafi encouraged us to partner with them.
As Jeff Hudson, CEO of Venafi, explains: “Often, organizations don’t understand the risks to their machine identities, despite the fact that compromised machine identities are frequently used in cyberattacks.”
This is where SSL.com’s unrivaled support and expertise comes in to bring the best of publicly trusted certificate authority solutions to the Venafi platform and help the cybersecurity needs of various organizations. Stay tuned for the official release of the SSL.com Adaptable Driver for Venafi!