Here are some of the noted trends that are shifting the Risk of Ransomware: Remote Workforce Attacks – Working from home is nothing new this year, but as the transition continues so does the increased threat to vulnerability. As many employees are connecting via their unsecured home networks for both personal and work, attackers are automating attacks to widen the net. For the attackers, this ideally would lead to massive scale data breaches of systems and services. Also, as employees shift to return back to the office, these potentially infected devices are now connecting back to critical company infrastructures where the bad actors can do the most damage.
Brute-Force Attacks – Back like it never left. Brute-force attacks caused by hackers overwhelming a network in efforts to cause a disrupted denial of service (DDoS) has increased by 12% in the second half of 2020, especially for those who are using simple services delivery protocol (SSDP) and the simple network management protocol (SNMP) according to Security Intelligence. (Security Intelligence, 2021) With an increase in online traffic and dependence on online services for organizations, it has made organizations more vulnerable to brute-force attacks. Cybercriminals are even using artificial intelligence (AI) to cause DDoS. The goal of an organization’s network disruption is to create slower response times or entirely halting services.
Fileless Frameworks – Fileless threats work off memory and typically leave no trace after execution in turn making it difficult to detect and also remove. A new tactic bad actors have deployed in 2021 is infiltrating technology service providers and even software providers rather than specific organizations. Attackers use this to their advantage by later using their existing infrastructure to attack downstream clients.
Old Cybersecurity Trends Still Matter – As we continue to face all new types of ransomware the older ones still exist and pose the same threat. This includes trojans and botnets, that are received in familiar looking email attachments and malicious links. Ransomware continues to develop into a stronger and smarter threat. Not only are attackers encrypting system data, but also threatening to sell the extracted sensitive data if a ransom is not paid. This strategy, often referred to as Double Extortion, works particularly well with organizations that are under regulatory compliance. Socially Engineered Phishing – With access to data such as trending search engine trends and social media feeds, hackers can create phishing campaigns with even higher chances of success. These types of phishing attacks create more of a risk for those who are working from home since the usual security technologies are often unavailable.
Cloud Computing Vulnerabilities – As organizations quickly migrate data to the cloud, we often see a spike in misconfigurations and critical vulnerabilities. As beneficial as the cloud can be, it can be complex and confusing to ensure proper security protection. Cybercriminals are hyper focused on finding exposed gaps and weaknesses in the cloud. Some of these risks include; misconfigured cloud storage, insecure application programming interfaces (APIs), improper compliance, and unauthorized access.
In closing, rather than accept cyber risks as a part of doing business, organizations of all sizes should have the proper technologies and protocols in place to mitigate risk and be proactively monitoring their data in order to protect themselves.
You can read up on how to stay ahead of these emerging cyber risks in our Ransomware Mitigation Whitepaper. In this whitepaper, we cover the 8 strategies SMBs and Enterprises can implement to minimize the threat of a ransomware attack.