Ransomware attacks have evolved quite a lot over the course of the past year, and have become one of the most visible threats organizations of all sizes face.

That is according to recently published research conducted by Group-IB, which analyzed the rapidly changing threat landscape. Their findings should disturb every business owner.

Here's a quick overview:

First and foremost, ransomware attacks have become much more commonplace. The year 2019 saw a 40 percent increase over 2018, which is a clear indication that hackers around the world are increasingly seeing ransomware strains as their preferred vehicle for attacking organizations.

Second, the average size of the ransom demanded has been steadily increasing, moving from just $6,000 to a staggering $84,000. The focus on large corporations and government agencies is the driving factor behind the dramatic increase.

In terms of tactics, far and away the most common means of gaining an initial foothold on a corporate or government network is RDP (Remote Desktop Protocol). RDP serves as the point of entry for 70 to 80 percent of the attacks.

Aside from this, incident response teams report that exploit kits and spear phishing campaigns were also used regularly, though these were vastly overshadowed by RDP. The teams responding to Group-IB's information requests also noted that more advanced ransomware actors relied on advanced methods that gave them access to more valuable targets.

The methods the hackers used include:

  • Compromising MSPs (Managed Service Providers)
  • Exploiting unpatched vulnerabilities in applications
  • Compromising supply chains

The bottom line is that no one is safe, and the price of a successful breach has increased dramatically. Worse, an increasing percentage of hackers are now demanding not one, but two ransoms from each target they hit: an initial payment to unlock encrypted files, and a second payment to delete their copies of stolen files rather than publishing them for all to see.

The best way to keep your company safe from this particular threat is to minimize your reliance on RDP and to make sure you've got a robust backup plan in place. If you haven't yet taken both steps, the time to do so is now.

About the Author

Marty Parker
Owner & General Manager

Marty is the Owner and General Manager of Heritage Digital. Marty has managed and built high-performing IT teams for over 30 years. He served 13 years in the manufacturing industry and 13 years in corporate-owned healthcare organizations. Before acquiring Heritage Digital, Marty was the Chief Information Officer of Carolinas Hospital System (now MUSC Health Florence Medical Center) in Florence, SC. Marty is passionate about educating and protecting people against cybercriminals.

Used with permission from Article Aggregator