Technology Ransomware as a service is the new big problem for business
Ransomware is now a national security risk. This group thinks it knows how to defeat it
Recommendations ranging from additional support for victims to regulating Bitcoin to prevent it being used to extort payment aim to help protect society as a whole from being plagued by ransomware attacks.Ransomware is a growing international problem and it needs global cooperation in order to prevent attacks and take the fight to the cyber criminals behind the disruptive malware campaigns.
Ransomware as a service is proving effective for cyber criminals who want a piece of the cyber-extortion action but without necessarily having the skills to develop their own malware, with two out of three attacks using this model.
are still proving extremely lucrative, with the most well-organised gangs earning , so many cyber criminals want to cash in – but don't have the ability to code and distribute their own campaigns.
These two unusual versions of ransomware tell us a lot about how attacks are evolving
Researchers detail two new types of ransomware - AlumniLocker and Humble. Both are new and have very different ways of doing things, demonstrating the diversity in a space attackers are keep to get involved in.Two newly discovered forms of ransomware with very different traits show just how diverse the world of ransomware has become as more cyber criminals attempt to join in with cyber extortion.
That's where ransomware as a service (RaaS) comes in, with developers selling or leasingto users on dark web forums. These affiliate schemes provide low-level attackers with the ability to distribute and manage ransomware campaigns, with the developer behind the ransomware receiving a cut of each ransom victim's pay for the decryption key.
SEE:(ZDNet special report) | (TechRepublic)
How ransomware is evolving as a threat to organizations
Cybercriminals know they can make money with ransomware and keep getting bolder with their demands, says Palo Alto Networks' Unit 42.The number of victimized organizations hit by each ransomware family with their data publicly leaked in 2020.
have detailed that almost two-thirds of ransomware attacks analysed during 2020 came from cyber criminals operating on a RaaS model.
Such is the demand for ransomware as a service, that 15 new ransomware affiliate schemes appeared during 2020, including, , , and many others.
Competition among ransomware developers can even lead to the authors providing special deals to wannabe crooks, which is more bad news for potential victims.
"Affiliate programs make this kind of attack more attractive for cybercriminals. The tremendous popularity of such attacks made almost every company, regardless of their size and industry, a potential victim," Oleg Skulkin, a senior digital forensics analyst at Group-IB, told ZDNet.
"Companies had to provide their employees with the capability to work remotely and we saw an increase in the number of publicly accessible RDP servers. Of course, nobody thought about security and many of such servers became the points of initial access for many ransomware operators," said Skulkin.
9 tips to protect your organization against ransomware
Over the past six months, the number of organizations hurt by ransomware shot up by more than 50%, says Check Point Research.SEE: Ransomware: What IT pros need to know (free PDF) (TechRepublic)
However, despite the success of ransomware attacks and RaaS schemes it's possible to help protect against falling victim to them with a handful of cybersecurity procedures – including avoidinglimiting public access to RDP.
"RDP-related compromise can easily be mitigated with the help of some simple but efficient steps like the restriction of IP addresses that can be used to make external RDP connections or setting limits on the number of login attempts within a certain period of time," said Skulkin.
Organisations can also help protect the network from ransomware and other attacks via the use ofto limit the access an attacker can get if they do breach an account, while after they're released prevents criminals from being able to .
All of this can help prevent organisations from falling victim to ransomware attacks in the first place – and cut off the need to pay ransoms and encourage ransomware schemes.
Russian Ransomware Group Claims Credit for Cyber Attack on D.C. Metro Police
DHS Secretary Alejandro Mayorkas said in March that ransomware "now poses a national security threat."The suspected attack was reported earlier this week as the latest in a series of high-profile cyberattacks in the U.S. It comes just weeks after U.S. Department of Homeland Security Secretary Alejandro Mayorkas identified ransomware as a force posing a "national security threat" to the U.S.
"As long as companies pay ransoms, determined only by attackers' appetite, such attacks will continue to grow in numbers and scale and are likely to become more sophisticated," Skulkin concluded.
MORE ON CYBERSECURITY
Nonprofit provides help to hospitals battling ransomware .
The Center for Internet Security recently launched a free tool for private U.S. hospitals to block malicious activity.Doctor and nurse discussing over digital tablet at the hospital