![]() He’s been working to build a starting trove of information since, tracking nearly $57 million in payments so far. Anyone can download the resulting database. In terms of total payments received, the NetWalker gang leads all-time in the data Cable has collected to date, with more than 3,000 payments compared to nearly 750 payments to Ryuk, the gang receiving the second most. Nickels told CyberScoop she thought that Cable’s idea “comes with some challenges,” namely in verifying the accuracy of data submitted to the site. ![]() She also said that while it might offer an avenue for organizations cautious about disclosing data to government agencies to share information, it won’t be a complete database. “Ransomwhere is a great example of how members of the cybersecurity community are working together to try to combat ransomware,” she said via email. “While it’s an imperfect solution, when it comes to the ransomware problem, we’re at the point where trying new ideas and approaches is worthwhile to try to put a dent in this pervasive global threat.”Ĭable said he’s aware of the risk of someone submitting false data. “The remedy is that I make all the data public, and I also manually approve the reports, and people are required to share in a public way,” such as documentation or a screenshot, he said. It’s not “surefire,” but there are safeguards, Cable said. He doesn’t worry about running afoul of law enforcement efforts - the Justice Department notably recovered $2 million worth of cryptocurrency that Colonial Pipeline paid to DarkSide ransomware operators, in part by tracking a bitcoin ledger - because Cable expects that savvy ransomware gangs are already wise to cops’ techniques. Cable himself has helped victims avert potential losses. ![]() Ransomwhere is “never going to be a complete picture of everything that’s happening,” Cable said. “But I think it’s still better than nothing, to know at least what we can see and have some public transparency here to assess it.In this episode of Security Nation, Jen and Tod chat with Jack Cable, security architect at the Krebs Stamos Group, about Ransomwhere, a crowdsourced ransomware payment tracker. They chat about how Cable came up with the idea, the role of cryptocurrency in tracking these payments, and how better data sharing can help combat the surge in ransomware attacks. ![]()
0 Comments
Leave a Reply. |