The current threat landscape and cybersecurity projections are pointing towards large enterprises paying higher ransoms next year. In this article at Help Net Security, Zeljka Zorz shares details of growing ransomware attacks on big organizations. According to a ransomware IR provider Coveware, Q3 2020 experienced a sharp 31 percent rise in ransomware payments. Most cases reported have one thing in common: the attackers exfiltrated confidential company data. They were asking for additional charges just to remove the virus from the system.
No Predictable End
Some organizations suffered a massive loss of funds, data, and reputation, even after paying the due ransom to the threat actors. They released the exfiltrated data, confirmed Coveware. Indeed, the data cannot be scraped reliably. Neither is it safe nor do the attackers abide by rules. They often share with the other ransomware groups that misuse the leaked information further or post it online. Despite committing to not releasing it, the attackers keep exploiting the victim organizations for another round of payments later.
Take Responsible Action
The subjects of data exfiltration must take the challenging yet responsible route to counter the invaders. At first, seek advice from proficient data privacy attorneys that can investigate the data breached. Let them send notifications that result from their investigation and counsel on the case.
RDP Attack Trajectory
According to the Coveware analysts, inappropriately acquired remote desktop protocol (RDP) networks and login credentials are the powerful weapon of threat actors. They are some of the most common approaches used by them to initiate attacks. Phishing emails and software vulnerabilities are the close seconds.
Hackers can buy remote desktop protocol credentials at not more than $50. However, to initiate phishing emails or vulnerability attacks, they need more funding, even after getting helped by other attackers. The phishing attacks further intensify the hackers’ privileges until they lead the command of the server domain. Once that happens, your organization suffers data exfiltration and ransomware within a few hours. Any organization or industry can get under the radar of cybersecurity breaches. Currently, they are targeting professional services industries like healthcare.
Click on the following link to read the original article: https://www.helpnetsecurity.com/2020/11/05/ransom-payment-risky-gamble/