Source |
AlienVault Lab Blog |
Identifier |
8547886 |
Publication date |
2024-07-31 10:00:00 (viewed: 2024-07-31 10:18:13) |
Title |
Are Ransomware Attacks Still a Growing Threat in 2024? |
Text |
The content of this post is solely the responsibility of the author. LevelBlue does not adopt or endorse any of the views, positions, or information provided by the author in this article.
Ransomware continues to pose a growing threat to organizations: it has emerged as the number one threat, affecting 66% of organizations in 2023 and pulling over $1 billion from the victims. These attacks have increased in frequency and sophistication, resulting in significant financial loss, operational disruption, theft of sensitive data, and reduced productivity. They also damage the organization's reputation and result in the loss of customer trust and compliance violations. An organization needs a comprehensive protection strategy to reduce the frequency of these attacks and the risks they pose.
Ransomware Business Model: How These Attacks Are Evolving?
In the past, ransomware attacks mainly relied on phishing emails, remote desktop protocol exploits, and vulnerable ports to increase their chances of success. Additionally, these attacks employed evasion techniques to bypass traditional security measures like firewalls or antivirus software. These methods resulted in famous attacks like WannaCry, TeslaCrypt, and NotPetya.
With time, ransomware attacks have evolved and become more sophisticated, targeted, and profitable for cybercriminals. Below is an insight into the latest trends that hackers adopt to launch a successful ransomware attack:
Exploiting Zero-Day Vulnerabilities
The shift in ransomware gangs and their sophisticated tactics, techniques, and procedures (TTPs) raises the number of ransomware attacks. Previously, REvil, Conti, and LockBit were the famous ransomware gangs, but now Clop, Cuban, and Play are gaining immense popularity by employing advanced hacking techniques such as exploiting zero-day vulnerabilities.
Sophos's State of Ransomware 2024 revealed exploited vulnerabilities as the root cause of ransomware attacks. The Clop ransomware gang has used the zero-day vulnerability in the MOVEit Transfer platform to steal the sensitive data of different organizations. This group also targeted the GoAnywhere zero-day vulnerability in January 2023, affecting 130 organizations, and exploited the Accellion FTA servers in 2020. Similarly, Cuban and Play used the same attack technique to compromise unpatched Microsoft Exchange servers.
Double and Triple Extortion
Another reason for the rise in ransomware attacks is the introduction of the double or triple extortion technique. Cybersecurity firm Venafi reported that 83% of ransomware attacks included multiple ransom demands in 2022.
In a double extortion scheme, cybercriminals encrypt the data, exfiltrate sensitive information, and threaten to release it or sell it on the dark web if the ransom is not paid. This tactic prove |
Notes |
★★★
|
Sent |
Yes |
Tags |
Ransomware
Malware
Tool
Vulnerability
Threat
Studies
Legislation
Prediction
Medical
Technical
|
Stories |
NotPetya
Wannacry
Deloitte
|
Move |
|