Nowadays the attack rate of ransomware attacks has increased drastically and they are targetting victims from all over the world. However, recently ThycoticCentrify has published very new research which confirms, that the ransomware attack has become one of the favored methods for the threat actors.
The new survey of ransomware attacks detected that 64% have been victims of a ransomware attack in the last 12 months, and among them, 83% of those attack victims have already paid the ransom that has been demanded by the threat actors.
Ransomware attacks have become so popular that the payouts are becoming profitable, and not only this but the ransomware developers have begun to sell or establish an associate program for their tools and expertise, which are allowing Ransomware-as-a-Service (RaaS).
Ransomware dwell time feigns a major risk
Earlier, these ransomware attacks were not that popular, and the threat actors of this kind of attack generally targeted a single computer or limited network.
The very initial step is that whenever an employee clicks a link knowingly or unknowingly, soon a malware gets downloaded that encrypts the computer or server later.
But nowadays, the threat actors are mainly focusing on negotiating user credentials and passwords so that they can obtain access to the vast connected networks.
While there are many cases where the organizations noted that the realistic approach to getting their network back up and operating is to pay an exorbitant ransom that was being demanded by the operators.
As the attack rate is increasing and so many organizations were being victimized, that’s why it is necessary for the organization to create an incident response plan as it will help them to avoid being a victim of such attacks.
Organizations should perform some basic cybersecurity hygiene to keep themselves safe and attack-free, and here they are:-
- Regular backups
- Timely patching
- Password protection
Here are the key highlights mentioned below:-
- 72% have seen cybersecurity budgets increase due to ransomware threats.
- 93% are allocating special budgets to fight ransomware threats.
- 50% stated they experienced the loss of revenue and reputational damage from an attack.
- 42% indicated they had lost customers as a result of an attack.
Prevention and mitigation
The initial thing that is to be done by the organization that has been victimized is to detect the attack as soon as possible, block the escalation of
privileged access, and stop directory access.
The Privileged Access Management (PAM) solutions generally impose the least privileges that are particularly designed to stop credential harvesting and parallel movement.
Here are some mitigations recommended:-
- Always use multi-factor authentication on all internet-facing interfaces to stop an easy takeover of user credentials.
- Concentrate on deploying and preserving up-to-date assets, vulnerability, patch management, and configuration management programs.
- Guard and isolate delicate data, along with your backup and rebuild capabilities.
- Always use behavior analytics tools to identify and alert on high-risk behaviors connected with breaches and ransomware attacks.
Since ransomware attacks are increasing rapidly, that’s why organizations should stay alert and always perform a regular examination so that they can detect such attacks.