One day, people are going to have to learn to stop clicking on every attachment sent by a complete stranger.
The day that actually happens, Infosec will globally have a lot more time to devote to more devious failures.
The Lapsus$ cyber-crime gang, believed to be based in Brazil, until recently was best known for attacks on that country's Ministry of Health and Portuguese media outlets SIC Noticias and Expresso. However, the gang is climbing up the ladder, swinging at larger targets in the tech industry. Over the past few weeks, those have …
One day, we'll have email clients that can be configured to ignore clicking on attachments, and ideally put up a message upon clicking saying that clicking on attachments is bad practice.
The web trains people to click on links without thinking about the possible consequences. Using the same user interface in an email client means that people are already trained to click on links, which in this case is a link to an attachment.
This is a UI/client behaviour failure just as much as a PEBKAC.
One day management will listen to IT security and not grant people access to "every bloody piece of data the company owns!" They will restrict access to "only what they need", restrict access to sensitive data to only special accounts that are not used to surf the web and answer emails.
This includes IT! As an infrastructure architect do I have access to financial and HR data? Absolutely NOT!
"As we saw with the REvil group, if you poke a big enough bear, you can elicit a fairly devastating government and law enforcement response," Ellis said.
Sadly a lesson still not learned or heeded by either the Wannabe Wild Wacky Westerner or formerly Soviet East Bloc Ringmaster.
That fact alone makes both of them deserved of and ripe for rich pickings enabled for channeling by and to A.N.Others.
It's extremely doubtful that the members of REvil Russia arrested will face criminal charges now due to the war with Ukraine. I suspect that Russia may even now recruit them to attack businesses and institutions in countries that have sanctioned Russia as a way of generating extra money for their corrupt regime.
"Why the crooks are ramping up their attacks so quickly is still unclear."
As is the reason why other crooks rob banks. .... Doctor Syntax
Willie Sutton succinctly clarified the reason for the latter at least, Doc, .... "Because that is where the money is" ..... or where it used to be. .... https://www.fbi.gov/history/famous-cases/willie-sutton
Nowadays though, there appears to be precious little money available from banks anywhere.