The ransomware plague is not letting up and rapidly getting more technically sophisticated. New strains are popping up every month, using innovative methods to spread. Worse, the ransom demands themselves are skyrocketing at the same time.
This week, cyber insurance experts reported incidents with ludicrous 1 million dollar extortion attempts after attackers were able to encrypt some very important data.
The CEO from a global data recovery firm said ““Ransomware is only going to become more sophisticated, we expect hackers to start using machine learning and artificial intelligence to develop ransomware variants that evade anti-virus with ease.” and “In the past, hackers used to prefer RDP brute-force attacks where they would enter a system, locate back-ups, encrypt with a variant of ransomware and then leave. The attacks were relatively simple and straightforward.”
They’re generally doing a lot more damage than they used to
That’s not the case anymore. We’re seeing more and more hackers moving laterally within systems. They’re getting smarter, turning off anti-virus systems, and creating domain controller accounts to gain complete access to systems. They’re generally doing a lot more damage than they used to.
Cyber criminals are also getting smarter in specifically targeting who to extort. Manufacturers, hospitals, government agencies and schools are particularly susceptible to an attack, especially if they hold sensitive personal information that hackers can exploit to demand more money.
Targeting larger organizations demanding higher ransom fees
Hackers are targeting larger organizations because they’re able to demand a higher ransom fee, and they’re also tending to target countries where they think they can extort more money, places like the US, the UK and Canada, where there are higher costs of living, higher wages and so on.
The most effective way to protect your network against ransomware infections
Cyber risk managers worldwide agree that people are the weak link when it comes to an organization’s exposure to malware–and hackers use social engineering tactics to exploit the people problem.
Stepping all employees through new-school security awareness training is an absolute must “piece of the defense-in-depth puzzle” to protect your network.
Users become your last line of defense and your essential, additional security layer: an effective human firewall.
Stay Safe out there.