The State of Security: Malware in 2022

Among the many challenges businesses contend with in the global marketplace today, the 11th Allianz Risk Barometer 2022 ranks cybersecurity threats as the most important business risk. This proves beyond any doubt that enterprises are experiencing increasing threats and full-on attacks on their information technology systems.

Remember the 3 Rs of Ransomware Response: React. Reach out. Recover.

Ransomware is a (sad) fact of corporate life. 61% of businesses were impacted by cyber criminals in 2020, peaking at more than 900 attacks per organisation in 2021. Remote working is only making organisations more vulnerable. A recent study also found that the average attack costs its victims $5.3m. It’s no wonder ransomware is near the top of every CIO’s worry-list. In our last blog, we looked at how best to plan for tomorrow.

Defense in Depth to minimize the impact of ransomware attacks

Ransomware attacks continue to plague organizations globally regardless of their size. According to a press release by NCC Group that preceded its Annual Threat Monitor Report 2021, there were an estimated 2,690 ransomware attacks in 2021, a 92.7% increase from 2020's figure of 1,389. The increase in ransomware attacks builds upon the general gradual rise in cyber-attacks in the wake of the COVID-19 pandemic. Ransomware accounted for roughly 65.4% of global cyber incidents in 2021.

Ransomware Landscape Q2

The first quarter of 2022 was rich with unusual incidents involving new ransomware groups and new techniques. The most notable event of Q1 was without a doubt the ContiLeaks incident, courtesy of the Russia-Ukraine conflict, which lasted till not long ago, at the end of Q2. As the shockwaves of the Russia-Ukraine conflict have faded, when it comes to the ransomware industry, we have seen many families going “back to business”.

How to Detect and Prevent Ransomware Attacks?

As the cyber world grows day by day and makes our lives easier and more efficient, hidden threats and risks also increase. One of them is ransomware, which over the past few years has become an expensive and ever-growing cyber threat to organizations’ critical data, files, and other critical information. Here the victim pays a ransom for data that the attacker has locked.

Ransomware as a Service: Behind the Scenes

During the recent Rootedcon conference in Spain, we delivered a talk about ransomware, and this blog post serves as a commentary on the insights presented about Ransomware as a Service (RaaS): how it really works; how the threat actors operate these attacks; and how organizations can analyze the attacks and take preemptive measures in the event of future attacks.

Microsoft's Macro Reversal Invites a Resurgence of Office Malware

In January 2022, Microsoft announced that Excel 4.0 macros would be restricted by default, to protect users from malicious macros. In February 2022, Microsoft announced that VBA macros would also be blocked for files downloaded from the internet. Cybersecurity professionals and enthusiasts rejoiced at the news! Malicious Office documents were running rampant. Attackers abused Microsoft Office macros to deliver BazarLoader and Trickbot, and remote access trojans like AveMaria and AgentTesla.

Callback Malware Campaigns Impersonate CrowdStrike and Other Cybersecurity Companies

Today CrowdStrike sent the following Tech Alert to our customers: On July 8, 2022, CrowdStrike Intelligence identified a callback phishing campaign impersonating prominent cybersecurity companies, including CrowdStrike. The phishing email implies the recipient’s company has been breached and insists the victim call the included phone number.

A Microsoft SharePoint Online feature could be the cause of the next ransomware attack

Microsoft SharePoint Online is one of the most widely used content management platforms. Unfortunately, Proofpoint recently discovered that threat actors can abuse a feature in SharePoint Online and OneDrive for Business to encrypt all of your files and hold them ransom.

4 Ways Your Passive Backups Can Drive Active Cyber Defense

Due to the proliferation of cloud-native environments, ransomware attacks have increased dramatically in recent years. Cybercriminals can access a variety of ransomware tools from anywhere in the world at a moment’s notice. This capability has produced an entire economy of Ransomware-as-a-service (RaaS). Despite significant investment in real-time infrastructure security tools, organizations are failing to quickly identify and recover from an attack.