The most active ransomware ever with more than 1400 accounts
The specialization and consolidation of cybercrime have driven the ransomware as a service (RaaS), becoming a dominant business modelwhich means that a greater number of criminals, regardless of their technical knowledge, can deploy this type of malware. This issue of Cyber Signals offers an insight into how extortion is evolving in cybercrime.
RaaS allows cybercriminals to buy access to both payloads of ransomware such as data leakage and payment infrastructure. The cybercriminal groups ransomware they are actually RaaS programs like Conti or REvil, used by many different actors. Is “industrialization” of cybercrime has created specialized functions, such as access broker that sell the possibility of accessing the networks. RaaS drastically lowers the barrier to entry for attackers, that is, it makes their way easier. Since RaaS actors sell their expertise to anyone willing to pay. Budding cybercriminals, without even having the technical prowess to use backdoors or design their own tools, can gain access to a victim. Simply by using ready-made penetration testing and system administration applications.
Credentials are on the rise
The endless list of stolen credentials available online means that without basic defenses like multi-factor authentication (MFA), organizations are at a disadvantage when it comes to combating the entry vectors of malicious code. ransomware before the deployment of malware. Once cybercriminals know that access to a company’s network is for sale, RaaS threat actors can create a chain of attacks, allowing themselves and others to benefit from such vulnerabilities.
Although many organizations find it too expensive to implement enhanced security protocols, this reinforcementin reality, save money. Not only will systems be more secure, but they will spend less on security costs and spend less time responding to threats.
Report Conclusions
- Companies are experiencing a increase in both the volume and sophistication of cyberattacks. The US Federal Bureau of Investigation’s 2021 Internet Crime Report found that the cost of cybercrime in the US was more than $900 million [1]. For its part, the European Union Cybersecurity Agency (ENISA) reported that, between May 2021 and June 2022, threat actors from ransomware they stole some 10 terabytes of data per month, and that 58.2% of stolen files included employee personal data [2].
- more than 80% of the attacks of ransomware they can be traced as common configuration errors in software and devices.
- Microsoft’s Digital Crimes Unit removed more than 000 URLs Y 5,400 kits phishing between July 2021 and June 2022. Leading to the identification and closure of more than 1,400 beads malicious emails used to collect stolen customer credentials.
- The average time it takes for an attacker to access the private data of a victim of an email from phishing It is one hour and 12 minutes.
- In the case of threats to endpointsif a device is compromised, the average time for an attacker to start moving laterally within a corporate network is one hour and 42 minutes.