A Snapshot of the Ransomware Landscape



Snapshot of Ransomware LandscapeOrganizations need to take steps to disrupt the ransomware industry by making these attacks more expensive to carry out, according to Jen Miller-Osborn from Palo Alto Networks' Unit 42. On the CyberWire’s Research Saturday podcast, Miller-Osborn discussed trends in ransomware targeting and tactics.

“Unfortunately, healthcare has been hit quite heavily, which is one thing that we really don't like to see,” she said. “But that's definitely been an area that's been a focus. What we've seen by far is manufacturing quite a bit. And then, you know, we're seeing kind of legal services, construction, high tech – it kind of runs the gamut from there. But if you look at this chart from a perspective of potential amount of money that could be made by ransoming these various organizations, you can see a lot of the focus is on organizations that potentially have larger resources and maybe more difficulty in recovering if they lose their data.”

Miller-Osborn added that even if a victim does pay the ransom, the recovery will still be very costly.

“A lot of times, the incident response can be just as expensive, if not more so, than the ransom was, which is another reason that organizations really need to pay attention that this is a legitimate problem and that you could potentially be out a lot of money one way or the other,” Miller-Osborn said. “So, you really want to really want to get ahead of that scenario and try and keep this from happening.”

Miller-Osborn explained that one of the only long-term strategies against ransomware as a whole is to affect its business model by making these attacks more difficult.

“One of the goals with publishing this paper and getting this data out there is by drawing attention to it, you'll get more organizations to improve their protections to further price out some of these other ransomware families,” she said. “And that's one of the key ways and one of the only things we can really do to stop this outside of law enforcement efforts. That, in conjunction with people recognizing this problem and doing better and better defenses will start to price out a lot of these different hackers because they aren't going to be able to continue to evolve at the same kind of speed.”

The vast majority of ransomware attacks begin with either a phishing email or a technical vulnerability like an exposed RDP port. New-school security awareness training can give your organization an essential layer of defense against ransomware.

The CyberWire has the story.


RanSim

Free downloadable software tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

RanSim gives you a quick look at the effectiveness of your existing network protection. RanSim will test 24 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

RansIm-Monitor3Here's how it works:

  • 100% harmless simulation of real ransomware and cryptomining infections
  • Does not use any of your own files
  • Tests 25 types of infection scenarios
  • Just download the installer and run it
  • Results in a few minutes!

Get RanSim!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/ransim

Topics: Ransomware



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews