Ransomware Attacks Step Up their Game and Now Look for NAS Devices

It used to be that ransomware just looked for office files. Then backups became a secondary victim. New data from Kaspersky shows NAS devices are being added as targets.

The success of a ransomware attack depends solely on the victim being unable to recover. It’s the very reason why ransomware started using tactics like looking for the 40-ish backup filetypes, as well as using an attack loop (where the ransomware infects a machine but lies dormant for months to ensure multiple backups include the ransomware).

But attackers are now thinking in terms of how to cross-pollinate their code with cybercriminals well-versed in taking advantage of known vulnerabilities. According to researchers at Kaspersky, the goal is to attack the very NAS devices hosting an organization’s backups. If you were a ransomware author, it’s a smart move; your goal is to render the victim company unable to respond in any other way than to just pay the ransom.

It’s generally accepted that ransomware finds its way into an organization in one of two ways these days – either via an exposed and unsecured RDP connection, or via email. Addressing RDP is easy; don’t allow RDP via the Internet. But email is a larger challenge.

Despite best efforts, even organizations with a layered preventative security strategy in place still find that ransomware emails make their way all the way to the unsuspecting user. This last line of defense needs to be shored up with Security Awareness Training so that the user themselves becomes part of the organization’s defense, spotting the potentially malicious email and not engaging with its contents or attachments.

Free Ransomware Simulator Tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 24 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

Here's how it works:

  • 100% harmless simulation of real ransomware and cryptomining infections
  • Does not use any of your own files
  • Tests 25 types of infection scenarios
  • Just download the installer and run it
  • Results in a few minutes!
