Articles about Ransomware

Segmentation is an approach that separates critical areas of the network to control traffic, prevent lateral movement, and ultimately reduce the attack surface.

But according to a new study from Guardicore -- based on a survey of over 1,000 IT decision makers by Vanson Bourne -- while 96 percent of organizations claim to be implementing segmentation in their networks, only two percent are segmenting all six mission-critical asset classes, including critical applications, public-facing applications, domain controllers, endpoints, servers, and business critical assets/data.

Continue reading →

When the Colonial Pipeline ransomware attack became public in the first half of 2021, many were surprised that the company paid a $4.4 million ransom to recover its business systems. After all, it’s unthinkable that a company so large wouldn’t have backups in place. According to an article in the Wall Street Journal, however, Colonial’s CEO "authorized the ransom payment of $4.4 million because executives were unsure how badly the cyberattack had breached its systems, and consequently, how long it would take to bring the pipeline back."

Colonial didn’t say much more than this about why they decided to pay the ransom, but, assuming the company had backups systems in place, there are two possible scenarios. The first is that the backups, themselves were hit by the ransomware malware. This seems unlikely, as a large organization like Colonial likely follows the 3-2-1 maxim for backup: three copies of data on two different forms of storage media with one offsite. Certainly, it’s possible that there was still a logical connection between all backups and the production network, which would have allowed the attack to access backups. But typically, offsite backups are well protected against this kind of attack and are often stored in a read-only format that cannot be encrypted or overwritten by malware.

Continue reading →

New analysis of more than 200,000 malware samples by Picus Security, a pioneer of Breach and Attack Simulation (BAS) technology, looks at attacker behavior over the last 12 months.

The 2021 Red Report highlights the top 10 most widely seen attack techniques and demonstrates how cybercriminals have shifted towards ransomware over the last year.

Continue reading →

There has been a lot of media attention lately in certain industries around a type of ransomware called DopplePaymer.

Using this ransomware, an adversary will gain access to an organization. From there, they will start infecting systems and will demand a payment and/or threaten to release the victim’s data if the ransom is not paid. This trend of additional extortion become increasingly common with ransomware operators in the past two years.

Continue reading →

As our lives have become increasingly dependent on technology, virtually all personal and business data is kept on internet-connected platforms and in today’s digitized world this has become a gold mine for cyber criminals. In fact, we have seen cyberattacks grow exponentially in the last 12 months and in particular ransomware attacks increased by more than 485 percent in 2020.

Yet ransomware is nothing new. It is astounding to think that this attack technique has been around since 1989, when the first version was created by the "Father of Ransomware" Dr Joseph L. Popp. Disseminated via mailed floppy disks, the program demanded a hefty ransom of $189 to free victims’ data. Fast forward 30 years and still today whenever an organization thinks it has ransomware under control, another attack more sophisticated and effective than the last emerges.

Continue reading →

New research from Python software house STX Next finds that that CTOs see human error, ransomware and phishing as the biggest security threats.

The study of 500 CTOs globally shows 59 percent still see human error as the main security threat to their business, alongside other prominent concerns such as ransomware (49 percent) and phishing (36 percent).

Continue reading →

Around two thirds (66 percent) of UK business leaders expect the threat from cyber criminals to increase over the next 12 months, according to the latest PwC cybersecurity survey of business and technology executives.

In the past year ransomware has had a significant impact on organizations already dealing with the challenges posed by the Covid pandemic, and 61 percent of executives expect to see an increase in reportable ransomware incidents in 2022.

Continue reading →

Ransomware is a particularly heartless -- though undeniably lucrative -- endeavor. Criminals target schools, vital infrastructure, and even patient records in attempts to cash in. As a result, many security professionals put defensive ransomware strategies at the top of their to-do list.

Understandably, most of these strategies start with measures that minimize the footholds attackers can find. Checking inbound emails for ransomware payloads, giving users training on safe internet usage, and monitoring the network for suspicious activity are essential elements of an effective anti-ransomware strategy.

Continue reading →

A lack of preparedness for ransomware attacks on weekends and holidays has a significant impact on victim organizations according to a new report.

The study from Cybereason shows 24 percent of companies have no security plan for holidays and weekends and 43 percent say that attacks at these times take longer to stop.

Continue reading →

New research from security automation specialist Ivanti shows that ransomware groups are continuing to grow in sophistication, boldness, and volume, with numbers up across the board since the beginning of 2021.

The report, produced with Cyber Security Works and Cyware, reveals that the last quarter has seen a 4.5 percent increase in CVEs associated with ransomware.

Continue reading →

It is no secret that ransomware has been on the rise in the last 12 months. In fact, the UK has been ranked number 10 on the list of countries worst affected by ransomware in a new report commissioned by Google.

Just days after the publication of Google’s research findings, Lindy Cameron, who heads up UK’s National Cyber Security Centre (NCSC), warned that ransomware now presents "the most immediate danger to the UK” and went on to note that despite the increasing volume of attacks many organizations have no incident response plans in place and rarely test their cyber defenses."

Continue reading →

Only 45 percent of respondents to a recent survey believe it is currently possible to prevent all malware threats from infiltrating their organization's network.

The survey from Deep Instinct does show some longer term optimism though. 66 percent of respondents believe it may be possible to prevent all malware threats from infiltrating their organization's network in the next two to five years.

Continue reading →

Despite the significant shift and adoption of new technologies over the past few years, many businesses still rely on legacy infrastructure. Legacy servers are often still in operation because they are far too critical, complex, and expensive to replace. Famous examples include Oracle databases running on Solaris servers, applications using Linux RHEL4, or other industry-specific legacy technology. 

Although critical to the business, these legacy systems can increase a company's risk -- gaining access to just one unpatched legacy device can be relatively simple for cybercriminals. Once inside, said criminals will move laterally to gain a deeper foothold inside the network and deploy more significant attacks.

Continue reading →

New research from cloud encryption specialist NordLocker looks at which industries are the most popular targets for ransomware, analyzing 1,200 companies hit by 10 infamous ransomware gangs in 2020 and 2021.

Perhaps surprisingly the construction sector tops the list with 93 attacks, followed by manufacturing on 86, finance on 69, healthcare on 65, and with education rounding out the top five on 63.

Continue reading →

Ransomware attacks have surged recently and the disruption they can cause to the operation of a business can cost many times more than the ransom.

Education website Cyber Security Degrees has produced an infographic looking at the impact of ransomware and at how businesses can protect themselves.

Continue reading →