Source |
AlienVault Lab Blog |
Identifier |
8361250 |
Publication date |
2023-07-25 10:00:00 (viewed: 2023-07-25 14:06:57) |
Title |
Ransomware business model - What is it and how to break it? |
Text |
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.
The threat of ransomware attacks continues to strike organizations, government institutions, individuals, and businesses across the globe. These attacks have skyrocketed in frequency and sophistication, leaving a trail of disrupted operations, financial loss, and compromised data. Statistics reveal that by 2031 there will be a new ransomware attack every two seconds, while companies lose between $1 and $10 million because of these attacks.
As the security landscape evolves, cybercriminals change their tactics and attack vectors to maximize their profit potential. Previously, ransomware attackers employed tactics like email phishing, remote desktop protocol vulnerabilities, supply chain issues, and exploit kits to breach the system and implant the ransomware payloads. But now attackers have significantly changed their business model.
Organizations need to adopt a proactive stance as more ransomware gangs emerge and new tactics are introduced. They must aim to lower their attack surface and increase their ability to respond to and recover from the aftermath of a ransomware attack.
How is ransomware blooming as a business model?
Ransomware has emerged as a thriving business model for cybercriminals. It is a highly lucrative and sophisticated method in which the attackers encrypt the data and release it only when the ransom is paid. Data backup was one way for businesses to escape this situation, but those lacking this had no option except to pay the ransom. If organizations delay or stop paying the ransom, attackers threaten to exfiltrate or leak valuable data. This adds more pressure on organizations to pay the ransom, especially if they hold sensitive customer information and intellectual property. As a result, over half of ransomware victims agree to pay the ransom.
With opportunities everywhere, ransomware attacks have evolved as the threat actors continue looking for new ways to expand their operations' attack vectors and scope. For instance, the emergence of the Ransomware-as-a-service (RaaS) model encourages non-technical threat actors to participate in these attacks. It allows cybercriminals to rent or buy ransomware toolkits to launch successful attacks and earn a portion of the profits instead of performing the attacks themselves.
Moreover, a new breed of ransomware gangs is also blooming in the ransomware business. Previously, Conti, REvil, LockBit, Black Basta, and Vice Society were among the most prolific groups that launched the attacks. But now, the Clop, Cuban, and Play ransomware groups are gaining popularity as they exploit zero-day vulnerabilities and impact various organizations.
Ransomware has also become a professionalized industry in which attackers demand payments in Bitcoins only. Cryptocurrency provides anonymity and a more convenient way for cybercriminals to collect ransom payments, making it more difficult for law enforcement agencies to trace the money. Though the FBI discourages ransom |
Notes |
★★★
|
Sent |
Yes |
Tags |
Ransomware
Malware
Tool
Vulnerability
Threat
Studies
Medical
|