Ransomware operators are constantly evolving and gaining higher profits from their attacks. Read on to know why ransomware attacks are here to stay…
Ransomware attacks appear to dominate cyberspace. According to a report by Digital Shadows, ransomware families including Maze, Sodinokibi, Conti, and Netwalker were responsible for 80 percent of the alerts published between July and September.
Activities
While many well-known ransomware operators now own data leak sites, some have also added DDoS attack capability to quickly extort money from the victims. Let’s review what most of the well-known ransomware families have been up to in Q3 2020.
Conti and NetWalker ransomware accounted for 29% of alerts associated with ransomware dumpsites. Sodinokibi ransomware operators were seen recruiting more team members with good penetration testing skills.
DoppelPaymer ransomware’s activity decreased, however, other ransomware groups were active. Seven data leak sites were created, signifying that cybercriminals are learning from ransomware families.
Recent Attacks
In recent weeks, many ransomware attacks have targeted various sectors including IT, healthcare, government, education, insurance, and transportation. Recently, Maze ransomware operators leaked about 9GB of data stolen from Toledo Public Schools, whereas Montreal’s Société de transport de Montréal (STM) public transport system also disclosed a ransomware attack on its network.
Meanwhile, several other organizations recently revealed being targeted by various ransomware attacks including IT giant Software AG, insurance firm Ardonagh Group, Health tech firm testing coronavirus treatments eResearchTechnology, City of Shafter, Springfield Public Schools, and a few more.
The Road Ahead
The current situation indicates a growing trend of ransomware attacks as they are becoming more prominent and prevalent. Thus, experts suggest providing training around phishing lures and emails, applying security patches, and taking backups of corporate data. Furthermore, users should avoid using untrustworthy sources for downloading files or applications.
With businesses paying high ransoms, ransomware operators are motivated to pursue this line of attack even more. Attackers are expected to get more dangerous with sophistication in their TTPs and ease of access to hacking tools. Security experts anticipate that ransomware attacks with the threat of data exposure are to be observed in the coming year. These types of attacks will ultimately result in regulatory compliance issues for victims.
Ransomware operators are expected to refine the strategies that are already successful, instead of developing newer ones. With the ongoing trend of such attacks, it is expected that the attacks will not slow down in the coming year. Thus, in 2021, organizations should expect more targeted attacks, especially on large firms that have a lot to lose.