According to a report by BleepingComputer, March 2023 set a new record for ransomware attacks, with 459 reported worldwide. The report attributed the surge to the activity of several ransomware groups, such as Royal, BlackCat, Medusa, and Ransomhouse. Prominent victims of the criminals behind ransomware in March include André Mignot Hospital in France, and several schools and universities in the US.
A type of malicious software, ransomware attacks encrypt the victim’s data and demand a ransom to unlock the information. One of the most profitable and widespread cybercrimes in the world, ransomware plagues millions of individuals and organizations every year. But who are the cyber-criminals behind ransomware and how do they succeed?
The ransomware network is complex and diverse, involving multiple actors with varying roles and motivations. They include:
For example, the developers of REvil ransomware claimed to make over $100 million in 2020 by providing their software to affiliates.
The distributors of Emotet malware have infected millions of computers worldwide by sending spam emails with malicious attachments.
The operators of DarkSide ransomware have targeted several large companies, such as Colonial Pipeline and JBS, demanding millions of dollars in ransom.
For example, the affiliates of Ryuk ransomware earned over $150 million in 2019 by using the malware provided by TrickBot distributors.
The money launderers of Maze ransomware employ various cryptocurrency mixing services and exchanges to hide their tracks.
The criminals behind ransomware succeed because they exploit several weaknesses in our defense. These include the lack of adequate cybersecurity measures and awareness among individuals and organizations, making them vulnerable to ransomware attacks. Other success factors include:
Ransomware attacks can cripple any organization, regardless of its size, sector, or location. This highlights the importance of having strong cyber security measures in place, such as backup systems, antivirus software, employee training, and incident response plans.
Most successful ransomware attacks compromise one or more highly privileged user accounts. To guard against the compromise of privileged accounts, organizations need to implement information security governance. Least privilege and zero trust policies, multi-factor authentication (MFA), and randomized administrator passwords provide needed additional security.
Microsoft security tools and training can play a critical role in reducing the risk of ransomware and other cyber-attacks. Sometimes difficult for organizations with limited cyber security expertise to configure, these tools are known by cyber security consultants who provide valuable assistance in setting them up properly.
In August 2021, the Hive attack extorted more than $100 million from various organizations, including a major hospital chain and a telecom company. And in February 2022, the Vice Society attack focused on the education sector, encrypted data from dozens of schools and universities.
A serious threat, Ransomware requires a coordinated response from all stakeholders, including governments, law enforcement, cyber security experts, and users. By raising awareness, adopting cyber security best practices, disrupting the ransomware infrastructure, and holding the criminals accountable, the impact and prevalence of this cyber-crime can be reduced.
The cyber security consultants at eMazzanti Technologies possess the expertise necessary to protect your organization from ransomware attack. They help business leaders choose and configure the tools required, including access management, email protection, cloud backups, data encryption, and continuous network monitoring.
In today’s fast-paced digital landscape, businesses cannot thrive without effective collaboration. Microsoft continues its unwavering…
An email signature accomplishes much more than simply telling readers who you are and how…
Cyber security professionals work hard to safeguard companies’ information. But with criminals constantly changing their…
Domain-Based Message Authentication, Reporting, and Conformance (DMARC) is an e-mail security protocol designed to validate…
My job is to manage my law office’s cloud servers here at Justice Freaks. As…
My worst nightmare would be to date someone who isn’t who they say they are.…