It’s become a frequent fixture in the news — a ransomware attack has affected a business in some way. From banks to healthcare to manufacturing, sectors now more than ever need protection from cybercriminals who are using technology to extort funds from unsuspecting businesses.
As noted in a review article of the latest on cyberattacks on ZDNet, companies have shelled out multi-millions of dollars to hackers — and it’s getting easier for these criminals to find what they need to carry out a ransomware attack. The article reports that “initial access offerings” are now convenient to find and buy online, ending the previously extensive legwork to find ransomware to use on a business’ network.
Trends in current ransomware
The article’s author, Charlie Osborne, mentions several running threads that have been a part of ransomware attacks this year. Among those she mentions:
- The rise of IABs, or initial access brokers. These are criminal organizations that work directly with ransomware groups to find targets.
- RDP and VPN credentials or weak spots are the current preferred methods to gain access.
- The newly-named “one-two punch” method of ransomware is on the rise. This is where cybercriminals will threaten to leak sensitive data stolen during an attack as an unfortunate add-on to the system attack itself.
- More English-speaking people are being recruited by ransomware attackers to perform the negotiations.
A dangerous new business model
Matthew Ferraro, a former intelligence officer and now a consultant to governments on cyber security, recently outlined how ransomware attacks are being carried out for a story on CNN’s website. Ferraro calls ransomware part of a general trend called “democratization of violence,” where it has been made all too easy for people to carry out attacks due to the availability of the tools to become a cybercriminal and earn a lucrative payday.
In his description of ransomware attacks, Ferraro notes that criminals access a company’s computer system, attach malware to encrypt its system data, and then contact the company to get a ransom before it decrypts the data. Bitcoin is often used for ransom payment, as it’s more difficult than regular currency to trace once sent.
Part of the latest security risk around ransomware is the rise of “ransomware as a service,” as criminal developers offer their own malware to anyone who wants to carry out an attack. The developer then receives part of the ransom for payment.
“Anyone with an internet connection — from nation-states to criminals to terrorists — with minimal skills and malevolent intentions can now launch these attacks,” Ferraro writes.
CHIPS’ solution to prevent all ransomware is AppGuard, the only technology available with a 7-year track record of success. We have set aside time online for senior business leaders, board members and IT professionals to see a live demo of AppGuard. Go to our Calendly site to see the dates and times currently available. You can also visit our main website to learn more about what we offer.
