Connect with us

Hi, what are you looking for?

HEADLINES

Cybercriminals evolved into ‘targeted ransomware’, now targeting organizations likely to pay to recover data

To prevent business disruptions, SeaWright enumerated the following best practices: ensuring hardware and software up to date; requiring multi-factor authentication; enabling strong spam filters; implementing a strong user training program; separate back-ups; ensuring network segmentation of OT networks; and limit user and process account privileges where possible. 

Photo by Luca Bravo from Unsplash.com

The incidence of ransomware attacks throughout the globe, with extent of the damage that can run up to about $20-billion at the end of the year, is still increasing. It really has grown over time  with a lot more movements from individual computers to going after an entire enterprise have been seen. The malware is now propagating throughout the system and has been on the rise.

This is according to Lauren SeaWright, FBI Intelligence Assistant Legal Attache at the US Embassy, in her keynote speech at the Trend Micro’s Decode 2021, an event which discusses trends, new technologies and recent and anticipated threats across the IT landscape.   

The same scenario is happening in the Philippines. About 7,000 Filipino companies experienced infections with ransomware last year. However, while the Philippines may not be immuned to ransomware, and in fact, most susceptible, it was found out that they were able to restore from backups.

Cybercriminals have evolved into “targeted ransomware” where they focus on organizations that are likely to make substantial payments to recover their data. Recent ransomware activities that are increasingly targeting businesses were reported in the Philippines. In August 2021, Accenture’s data was encrypted and stolen when it was attacked by Lockbit 2.0 ransomware, a malware which has been known to hire corporate employees to gain access to a target network in the past. Accenture was able to restore from backup but the group threatens to release its data. This, according to SeaWright, is a new evolution of ransomware which involves more threats to release extortion techniques and tactics to pressure the victims into paying the ransom.

Advertisement. Scroll to continue reading.

Another example is the insurance firm AXA in the Philippines, Malaysia, Thailand, and Hong “Kong which has been hit with a targeted ransomware attack called Avaddon ransomware in May 2021. The group launched a DDOS attack against the insurer’s websites in these countries, and demanded about 40,000 worth of bitcoin, another evolution of ransomware which were mostly demanding US dollars in the past. “What’s important about this is the interconnection between different companies. It wasn’t just one location as the Philippines or Malaysia but multiple different branches,” said Seawright.        

SeaWright identified upcoming trends to watch out for in the ransomware landscape. She said they are seeing ransomware as a service model to take off, where cybercrime is turning into a true marketplace where key services are offered. Another trend they are seeing is that developers would build a piece of malware to be sold to customers. There will also be a profit-sharing model between the person who develops the ransomware and the person who deploys it. She also said they’re seeing spearphishing and RDP which remains to be the most common attack vectors as well as a steady increase in ransom demands. The inclusion of data exfiltration and the explosion in number of variants are also seen. Another trend would be the compromise of managed service providers which has a big impact in the supply chain.

To prevent business disruptions, SeaWright enumerated the following best practices: ensuring hardware and software up to date; requiring multi-factor authentication; enabling strong spam filters; implementing a strong user training program; separate back-ups; ensuring network segmentation of OT networks; and limit user and process account privileges where possible. 

Advertisement. Scroll to continue reading.
Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

Through this collaboration, Smart and PLDT Enterprise will leverage Ericsson’s expertise in private 5G to offer tailor-made network solutions for enterprises, helping them maximize...

HEADLINES

"Every technology is now either enabling AI or is enabled by AI. We are evolving from static and reactive AI to a more dynamic,...

HEADLINES

With AWS, Grab is pursuing a technology-led strategy to accelerate growth across its mobility, deliveries and financial services verticals, including its new digibanks, while...

HEADLINES

According to a report, downtime and lost productivity are the most concerning business problems caused by ineffective IT security, an opinion expressed by 38%...

HEADLINES

For leading Philippine fiber broadband provider Converge ICT Solutions Inc., the landscape of broadband in the Philippines still paints a picture of unequal access...

HEADLINES

Palo Alto Networks, a cybersecurity firm, predicts that in 2025, the region will face a perfect storm of AI-driven cyber threats, escalating in scale,...

HEADLINES

Del Monte collaborated with TikTok Shop using innovative features such as key livestream sessions, affiliate marketing, and the ACE Indicator System—a framework of Assortment,...

HEADLINES

Starting from December 9 at 8 PM to December 14, enjoy up to 50 percent off on online exclusive items, plus discount vouchers, free...

Advertisement