Ransomware attacks increase: In a report on ransomware released this week, researchers at Zscaler ThreatLabz said the number of organizations listed on all ransomware leak sites rose 70% in the 12 month period ending in April.A growing number of ransomware operators are abandoning encryption of data in favour of just data extortion, it noted. For example, Hunters International said in June it was shutting down ransomware operations to focus only on extortion.Despite some successes by international law enforcement agencies against ransomware gangs, Zscaler researchers identified 34 newly active ransomware families during the analysis period, bringing the total number tracked to 425 since its research began. One of the newest gangs calls itself World Leaks, believed to be born from Hunters International.Among the Zscaler report’s findings”¢ Hunters International (formerly called Hive before it was crippled by the FBI) significantly increased its alleged total data stolen year-over-year to 122TB, up from 37.7TB. The median claimed data loss per victim also rose to approximately 359GB from 300GB.”¢ DragonForce made the highest percentage jump in total claimed exfiltration volume, to 20.3TB from 4.2TB “¢ Dark Angels had the highest median impact per victim of 5TB. This tracks with the group’s continued focus on large, high-value targets over fewer overall incidents, says the report.CSOs should note that, according to the Zscaler report, ransomware groups are increasingly leveraging vulnerabilities in critical enterprise technologies to execute their attacks.”Nearly all of these vulnerabilities are easily exploited because they are internet-facing applications that can be discovered through basic scanning techniques,” said the report. “Key targets include VPNs, backup systems, hypervisors, remote access tools, and file transfer applications”, technologies that are pervasive across organizations and essential to operations.”CSOs who still have no organized plan for protecting against ransomware attacks would do well to consult the Institute for Security + Technology’s Blueprint for Ransomware Defense. It’s a curated subset of essential cyber hygiene safeguards from the Center for Internet Security Critical Security Controls.As for whether firms should pay ransoms to get access back to their data, governments urge victims not to give in, while at the same time acknowledging that the sensitivity of exposed stolen data will be a factor in decisions. Management should also understand that promises crooks make to destroy stolen data if they are paid can’t always be trusted.Nonetheless, in April, we reported that, according to research from Rubrik Zero Labs, 86% of organizations surveyed admitted to paying ransom demands following a cyberattack in the past 12 months.
First seen on csoonline.com
Jump to article: www.csoonline.com/article/4031695/ransomware-gang-tells-ingram-micro-pay-up-by-august-1.html
