Cyber-criminal groups have gotten more adept at deploying ransomware attacks. The groups have reportedly been using the same software and techniques as nation-state-backed-hacking operations. In the past year alone, ransomware has become the most common mode of cyber-attack.
The cyber criminals of the past were content with stealing information that was of value so they could sell it and earn money but the new-age cyber criminals find it easier to encrypt the whole network that would enable them to make more money in a much shorter amount of time.
Cyber-criminal hackers or hacker-groups bide their time and uncover vulnerabilities on networks spending months developing strategies and techniques to compromise the targeted network with ransomware before finally releasing the attack and encrypting the network.
They act in a way similar to how ATP (Advanced Persistent Threat) groups act on missions surveilling different nation states. ATP groups hide for months together without being detected. The criminal groups are able to observe the victim organization’s environment and responses closely and hence proctor an attack that would do the most damage when the attack is deployed.
However, this isn’t the only manner in which these attacks have evolved. The high risk situation has to do with the fact that as these groups gain more experience, the time taken to scout the enemy and deploy the attack might decrease drastically. The worst case scenario is this happens before there are necessary counter measures and security protection systems put in place.
While applying two-factor authentication and preventing the use of default passwords on the network protect against ransomware and other attacks, more efficient means of protection against such ransomware is highly solicited and much needed.
