A hacker’s strongest weapon in a ransomware attack is the victim’s network itself, a new report argues.
Network threat detection and response company Vectra recently analysed the threat landscape and concluded that the network itself, which enables the malicious encryption of anything stored on a network server or with a cloud provider, is a pain point.
Network perimeter security is more of a nuisance rather than an obstacle for cybercriminals, Vectra says. They can easily evade these security measures and perform internal reconnaissance, allowing them to locate and encrypt shared network files.
“The fallout from ransomware attacks against cloud service providers is far more devastating when the business systems of every cloud-hosted customer are encrypted,” said Chris Morales, head of security analytics at Vectra. “Today’s targeted ransomware attacks are an efficient, premeditated criminal threat with a rapid close and no middleman.”
The research claims that more than half (53 per cent) of organisations have a “problematic shortage” of skilled workers. It argues that businesses should turn towards artificial intelligence to “detect subtle indicators of ransomware behaviours” and enable organisations to prevent widespread damage.
Early recognition is one of the best remedies for ransomware.
Lately, instead of casting a wide net and hoping to catch as many victims as possible, hackers are opting for a targeted approach, attacking fewer organisations, but being more sophisticated and devastating in their assault. Cybercriminals usually target companies which they feel could pay the highest ransom for their data, and can sometimes analyse the victim for months before deciding to make a move or not.