This has to be at least the fifth consecutive "Year of Ransomware"

[View this email in your browser]( [Open Ars Technica in your browser]( This is a sentence we could basically share every summer since 2016: Ransomware is in no way new, but it seems to be having its biggest year yet. The 2016 [Petya]( attacks probably put the concept of ransomware onto many people's radar, but [as recently as 2017]( we were still defining the term upon first mention in stories. Over the years, we've seen these hacker hostage schemes target [local governments](in [virtually]( [every]( [state](, [hospitals](, [schools](, [police departments](, and practically every public entity in US life. And in 2021, even the most tech-savvy of organizations aren't always immune, as evidenced by a [recent dustup where Apple had a supplier fall victim](. The last month-plus has yet again given us the (fifth consecutive?) Year of Ransomware™. So for this week's Orbital Transmission, we're running down the highest profile attacks to be aware of and highlighting the government response now that ransomware has clearly risen to become a country infrastructure threat. Remind everyone at work to not click unusual emails so quickly, then pass along some of these recent ransomware horror stories to drive the point home—it can and has happened to seemingly everyone at this point. —[Nathan Mattise]( Dealmaster's Deal of the Week Dealmaster's Deal of the Week Anker Soundcore Life Q30 for $60 at Amazon (normally $80) Here's the lowest price we've tracked for this [recommended pair]( of wireless noise-canceling headphones for those on a budget. To see the discount, clip the $20 on-page coupon before checkout. [$60 at Amazon]( Orbital Transmission 06.09.2021 Orbital Transmission 06.09.2021 [(image) ]( Where's the beef? Ransomware gang REvil prefers payment before answering [Read Full Story »]( Where's the beef? Ransomware gang REvil prefers payment before answering Last week, a [ransomware attack struck the world’s biggest meat producer](, causing it to halt some operations in the US, Canada, and Australia while threatening shortages throughout the world, including up to a fifth of the American supply. And the FBI identified the culprits as REvil, one of the most cutthroat ransomware attacking groups out there. REvil and its affiliates account for about four percent of attacks on the public and private sectors. In most respects, REvil is a fairly average ransomware enterprise. What sets it apart is the cruelty of its tactics, which are designed to exert maximum pressure on victims. The meat producer, JBS, is back up and running now, but it's [unknown whether they ultimately paid up](. [Read Full Story »]( [(image) ]( FBI seizes $2.3M paid to the Colonial Pipeline ransomware attackers [Read Full Story »]( FBI seizes $2.3M paid to the Colonial Pipeline ransomware attackers From meat producers to [local news stations](, ransomware has seemingly hit all types of businesses in 2021. But the biggest incident by far happened earlier this spring, when a ransomware attack on the Colonial Pipeline disrupted the oil and gas supply across the US. The impact was so devastating, that even though the DarkSide decryptor tool was widely known to be slow and ineffective, Colonial paid the ransom anyway. The sum was a staggering $4.4 million according to The Wall Street Journal (which cited the company's CEO). But this week, the FBI struck back to a degree, saying it's seized ~$2.3M from a Bitcoin wallet used to pay off the ransomware. The seizure is remarkable because it marks one of the rare times a ransomware victim has recovered funds it paid to its attacker. [Read Full Story »]( [(image) ]( Literally no area of life is immune, so ransomware surfaces in the Israel-Palestine conflict [Read Full Story »]( Literally no area of life is immune, so ransomware surfaces in the Israel-Palestine conflict The devastation occurring this spring/early summer as a result of the Israel-Palestine conflict has been horrible enough, but digital attacks have been on the rise, too. Most notably, researchers in late May said they uncovered never-before-seen disk-wiping malware that disguises itself as ransomware only to then unleash destructive attacks on its Israeli targets. Apostle, as researchers at security firm SentinelOne are calling the malware, was initially deployed in an attempt to wipe data but failed to do so, likely because of a logic flaw in its code. The internal name its developers gave it was “wiper-action.” But in a later version, the bug was fixed and the malware gained full-fledged ransomware behaviors, including the ability to leave notes demanding that victims pay a ransom in exchange for a decryption key. [Read Full Story »]( [(image) ]( The situation has become bad enough to get a dedicated DoJ task force [Read Full Story »]( The situation has become bad enough to get a dedicated DoJ task force “To ensure we can make necessary connections across national and global cases and investigations… we must enhance and centralize our internal tracking of investigations and prosecutions of ransomware groups and the infrastructure and networks that allow the threats to persist,” Deputy Attorney General Lisa Monaco told US attorneys throughout the country last Thursday. And with that, a centralized Justice Dept. task force dedicated to ransomware was born. The hope is to centrally track and coordinate all federal cases involving ransomware or related types of cybercrime, such as botnets, money laundering, and bulletproof hosting. Monaco’s memo instructs attorneys to notify senior Justice Department officials whenever they open a case involving ransomware or when there are significant developments, and perhaps the government's Colonial Pipeline payment partial recovery shows the DoJ has some ability here. [Read Full Story »]( [(image) Condé Nast Spotlight | The breaking news and top stories everyone is talking about. All in one place. The most popular stories from Vogue, GQ, The New Yorker, Vanity Fair, Wired, Architectural Digest and more. STAY INFORMED]( [Facebook]( [Twitter]( [YouTube]( [Instagram]( Copyright © 2021 Condé Nast, All rights reserved. Our mailing address is: Condé Nast One World Trade Center New York, NY 10007 Want to change how you receive these emails? You can [update your preferences](newsletter=ars) or [unsubscribe from this list](newsletter=ars).