Ransomware attacks by cybercriminals are getting even more dangerous and costly. Thanks to avant-garde methods used by hackers, ransomware attacks can affect individuals, companies, and industries at any time. Earlier this week, Positive Technologies- a cybersecurity firm, released a report showing an increase of 30% in all attacks using malware when compared to Q2 in 2020. The ransomware attacks increased to 69% from 63% in the second quarter this year. Among all the attacks on different industries, governmental institutions are the most targeted followed by medical and other industrial companies.
Source: Positive Technologies
The report also found that among the attacks on organizations, the attacks on governmental institutions increased to 20% in Q2 from 12% in Q1 of 2021. Ransomware was also responsible for attacks on the industrial sector in Q2 and was accountable for 80% of the total malware attacks. Ransomware groups also targeted many individuals, but the malware was used in 60% of attacks. After ransomware and malware, attackers utilized banking trojans which comprised 30% of attacks.
Source- Positive technologies
As ransomware attacks were behind 9% of attacks involving other malware, Nitro Ransomware is one example that targeted individuals. In this type of attack, attackers spread this malware under the disguise of a tool for generating gift codes for Nitro, an add-on for Discord- a community-based chat application. After launching, the malware collects data from the browser and then will encrypt files on the victim’s system. To receive a tool to decrypt the files, they coerce the victim to purchase a gift code for activating Nitro which is passed along to the group responsible.
Ransomware attacks have been increasing in frequency since April 2021. However, the true effectiveness of ransomware was observed in May 2021 when the Colonial Pipeline and the District of Columbia Metropolitan Police were targeted. This caught the attention of law enforcement agencies like the FBI and the US government in leading efforts to mitigate future ransomware attacks. Since then, cybercriminals have adopted more sophisticated methods, relying less on third-party partners to carry out attacks and shifting their focus to distributors.
When it comes to methods for distributing malware, email (58%) remains the primary method, followed by compromising servers, computers, and network equipment (33%), and then attacks from embedded websites (8%).
What can organizations and individuals do to stay safe?
- Protect your data
- Perform regular backups which are stored on isolated and dedicated servers that are segmented from networks used for daily operations.
- Use different usernames and passwords for each website and account
- Encrypt all crucial information.
- Use MFA wherever possible
- Monitor security situation
- Train and educate employees regarding cybersecurity
- Perform penetration tests regularly
- Keep software patched and up to date.
- Audit the security of web apps, to identify and terminate vulnerabilities
- Use security solutions
- As a preventive measure, deploy web application firewalls
- Install proven antivirus software
- Manage software updates and patches as a priority
- Using security solutions will help detect sophisticated targeted attacks in real-time and previously overlooked attacks.
- Do away with weak passwords
- Impose a password policy with complexity and strict length requirements.
- Change all default passwords so that they satisfy strict password policy requirements.
- Avoid saving passwords on computers.
For more news and updates, visit https://blog.excellimatrix.com/
You can also reach out to us on Facebook, & LinkedIn or Contact us directly.