Author: neil

Legal dignitaries and cyber experts who spoke online at an international conference on Cyberlaw, Cybercrime and Cybersecurity said that after the pandemic triggered a data avalanche on the Internet which dramatically increased vulnerabilities to cyberattacks, nations have been forced to introduce more extensive legal frameworks to ensure data security and privacy for their netizens and cyber sovereignty for themselves.

“It is critical for technology to accurately pinpoint people who contravene with personal data privacy, government security and break the rules of the Internet, the data superhighway. It could be something like a driver’s license as violations are trackable thus easily identifying violators”, said Vint Cerf, Google Chief Internet Evangelist, who is considered one of the ‘fathers of the Internet’.

Globally, some $6 trillion have been lost by nations to cybercrimes in 2020 and more than $8 trillion in losses are estimated in 2021. As per Gartner Research, 63% of the countries all over the world are planning to come up with cyberprivacy-related legislation by 2023 as cybersecurity issues have emerged as a top concern for several governments.

“With cyberlaw is a constantly evolving paradigm, most governments are working on holistic legal methods to safeguard their critical information infrastructure (CIS) and protect rights and digital independence of netizens. New technologies are increasingly putting the focus back on pushing the envelope of cyberlegal jurisprudence globally. So, nations have realized the importance of creating distinctive sub-disciplines of law under the cyberlaw umbrella such as cybersecurity, cybercrime, law for artificial intelligence, blockchain and IoT, among others”, said Pavan Duggal, cyberlaw expert and author of several books on cyber regulations.

On Friday, the FBI published a warning about a ransomware group Cuba’s attacks that have managed to extort $43.9 million from victims. The hackers have compromised at least 49 entities involved in critical infrastructure sectors, including healthcare, manufacturing, IT, government and finance, says federal investigators.

According to the FBI, the attacks were done through a Windows-based malware program called Hancitor. This program has been around since 2013 and uses phishing emails, Microsoft Exchange vulnerabilities, compromised data and legitimate tools such as PowerShell and PsExec to gain initial access and help spread the Cuba ransomware program across a victim’s network. Aside from downloading malicious programs, spam email campaigns are also one way Hancitor can be delivered to infect a PC. It then proceeds to encrypt files across a computer with the file extension “.cuba.” The ransomware group threatened to dump them over a website on the Dark Web unless ransom is paid thus the victims have to pay up in Bitcoin to decrypt the files. Cuba ransomware actors have received at least $43.9 million out of the $74 million demanded amount.

Some security researchers in Israel suspect that although the ransomware gang uses the name Cuba, they are actually based in Russia, a country that refuses to extradite criminal hackers to the US.

This warning was issued by the FBI as the Biden administration has made it a national security priority to stop ransomware. Victims are urged to report a ransomware attack as soon as possible, otherwise it may be too late for the FBI to respond.