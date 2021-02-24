Sign up for our daily briefing

Ransomware actor netted over $123 million in 2020

Illustration: Aïda Amer/Axios

Threat actors using the Sodinokibi ransomware made “at least” $123 million in 2020, stealing roughly 21.6 terabytes of data, according to a new report by IBM researchers.

The backdrop: Sodinokibi was the most-used ransomware observed by the researchers, accounting for 22% of all incidents in 2020. Cyber criminals using Sodinokibi demanded $42 million for a single ransom, writes IBM.

Why it matters: In 2020, ransomware actors “shifted tactics to not only encrypt data and render it impossible to access,” write the researchers. “They also stole it, and then threatened to leak sensitive data if a ransom was not paid.”

By the numbers: The Sodinokibi ransoms “peaked in June or July 2020 and then rose again after a brief lull in August and September, potentially related to threat actor availability, vacations, and alternate employment obligations,” write the researchers.

  • Nearly two-thirds of Sodinokibi victims agreed to pay the requested ransom, writes IBM — but more than 40% of their victims still had their data leaked.
  • By far, the most Sodinokibi victims — 58% — were based in the U.S., with the U.K. coming in second at 8%.
  • The most targeted entities were companies in the manufacturing, professional services and wholesale sectors. “Nearly all” ransomware attacks on the retail sector made in 2020 were made via Sodinokibi, writes IBM.
  • But the threat actors using Sodinokibi have also been perfectly happy to hold governments hostage, being responsible for almost half of all ransomware attacks on government entities in 2020, per the IBM researchers.

Sarah Mucha
Updated 53 mins ago - Politics & Policy

White House stands by imperiled Tanden nomination after Senate panel postpones hearing

Neera Tanden. Photo: Anna Moneymaker/The New York Times/Bloomberg via Getty Images

The Senate Homeland Security Committee is postponing a confirmation hearing scheduled Wednesday for Neera Tanden, Axios has learned, a potential death knell for President Biden's nominee to lead the Office of Management and Budget.

The latest: Asked Wednesday afternoon whether Tanden has offered to withdraw her nomination, Psaki told reporters, "That’s not the stage we’re in." She noted that it's a "numbers game" and a "matter of getting one Republican" to support the nomination.

Ursula Perano
59 mins ago - Politics & Policy

Acting Capitol Police chief: Officers were unsure of lethal force rules on Jan. 6

Photo: Chip Somodevilla/Getty Images

Acting U.S. Capitol Police Chief Yogananda Pittman wrote in prepared remarks for a House hearing on Thursday that officers in her department were "unsure of when to use lethal force" during the Jan. 6 insurrection.

Why it matters: Capitol Police did deploy lethal force on Jan. 6 — shooting and killing 35-year-old Ashli Babbit — but have faced questions over why officers appeared to be less forceful against pro-Trump rioters than participants in previous demonstrations, including those over Black Lives Matter and now-Supreme Court Justice Brett Kavanaugh.

Axios
1 hour ago - Economy & Business

United CEO is confident people will feel safe traveling again by 2022

Axios' Joann Muller and United CEO Scott Kirby. Photo: Axios

United Airlines CEO Scott Kirby believes that people will feel safe traveling again by this time next year, depending on the pace of vaccinations and the government's ongoing response to the pandemic, he said at an Axios virtual event.

Why it matters: Misery for global aviation is likely to continue and hold back a broader economic recovery if nothing changes, especially with new restrictions on international border crossings. U.S. airlines carried about 60% fewer passengers in 2020 compared with 2019.

