Data-stealing ransomware attacks, information harvesting malware, and supply chain attacks are among the critical threats to organizations highlighted in an attack landscape update published today by cyber security provider F-Secure.
One of the most notable trends highlighted in the update is the evolution of ransomware – attacks that extort organizations by preventing them from accessing their data. 2020 saw an explosion of ransomware that also steals data, giving the attackers more leverage over their victims. If organizations first refuse to pay a ransom to decrypt their data, attackers threaten to leak the stolen information, increasing pressure on victims to pay.
This evolution, referred to as Ransomware 2.0 in the report, was a significant development in 2020. Only one ransomware group was observed using this type of extortion in 2019. By the end of 2020, 15 different ransomware families had adopted this approach. Furthermore, nearly 40% of ransomware families discovered in 2020, as well as several older families, were known to also steal data from victims by the end of last year.
“Organizations with reliable backups and effective restoration procedures are in a strong position to recover from a ransomware attack without having to pay. However, managing a potential data leak is a dramatically different challenge, especially for organizations that possess confidential information,” explained Calvin Gan, a Senior Manager with F-Secure’s Tactical Defense Unit.
“Ransomware actors, current and future, will likely feel emboldened to try new things and jump on vulnerabilities faster, which we’re already seeing with the recent MS Exchange vulnerabilities.”
Based on developments in the latter half of 2020, the report highlights several other significant cyber security trends, including:• Attackers’ use of Excel formulas – a default feature that cannot be blocked – to obfuscate malicious code tripled in the second half of 2020.• Outlook was the most popular brand spoofed in phishin ..
Support the originator by clicking the read the rest link below.
