During this year’s Black Hat USA event, experts have warned that the adoption of double-extortion attacks against organizations is on a rising trend. The warning comes after this year saw Kaseya, JBS, and Colonial Pipeline, among the most affected companies targeted by cybercriminals.
Ransomware variants are usually the programs used to prevent the owners from accessing the system and any data stored on the infected devices and networks.
After locking the targets out, the hackers encrypt the drive’s files and, in some cases, could even reach and infect the backups. The end goal is to extort the users, who will need the information they lose access to.
A fresh memory
These trends have led to the rise of ransomware families, many of which have gained formidable sophistication and capabilities. Some of them include Locky, NotPetya, WannaCry, Cryptolocker, and Gandcrab.
Every month, you will hear of some ransomware issues coming up. Recently, we saw the highlights of just how bad the attacks can be and how far they can spread past the initial target, whether by design or just as a cascade that gets out of hand.
Cisco Talos says that this situation may get worse in the future unless something is done.
Attacks are on the rise
One of the earliest trojans was spread in the 80s using floppy disks. It was known as the AIDS Trojan. That delivery method was slow and required attackers to get very close to what they wanted to breach.
Today, ransomware is delivered using all sorts of methods that including brute force attacks. They usually target the internet-facing systems and load ransomware onto supply chains. The approach makes it easy to blackmail the targets into making the payments indicated.
The new thing is now big game hunting, which targets initial access points through an endpoint and then moves laterally to hit more systems.