The Sans Institute has published a research report on the development of ransomware attacks over the past two years. Among other things, new tactics and techniques of attackers, as well as traps for companies, are explained.
The European Union Cyber Security Agency reported that the number of ransomware attacks increased by 150 percent from April 2020 to July 2021. This is partly due to the arrival of ‘Ransomware as a Service’, through which criminals without hacking knowledge can carry out ransomware attacks.
Cybercriminals also seem increasingly to conduct preliminary investigations of their victims. The report cites Broward County Public Schools in Florida as an example; There was a ransomware attack demanding $40 million, which the criminals also said was just one percent of the schools’ annual budget of 4 billion.
The development of ransomware hasn’t stopped either. Malware leaves less and less traces and mostly settles in memory, Windows Registry or existing (system) files. Also, ransomware is becoming more and more automated, so distribution within a computer network is much faster.
Fortunately, development doesn’t stop on the defensive, either. Monitoring network traffic metadata and detecting unusual behavior in the software can resist an attack. However, malware development will always be one step ahead, even if it’s only for a few hours.
The research report can be downloaded from the Sans website (.pdf), registration required (free).
Source: SANS Institute
Source: Hardware Info