Three Common Forms of Ransomware Infecting 1,800 businesses
Around 1,800 companies are being affected by ransomware across the globe, according to a confidential report by the National Cyber Security Centre (NCSC) in the Netherlands. The report does not specify the names of the affected organizations but indicates that the targeted are the big players from different industries including chemical, health, construction, food, entertainment, and automobile. Most of these companies deal with revenue streams of millions and billions.
In the recent past, ransomware attacks have been on a rise and are being widely publicized as well, but due to the rapid increase in the number of ransomware attacks, many of these go unnoticed and hence unreported. As a result, the number of affected companies as per the NCSC report is likely conservative. Reportedly, the affected organizations are on their own as they recuperate from the attack by either being forced to pay the ransom or resorting to untainted backups to restore files.
NCSC’s report enlists three file-encrypting malware pieces namely LockerGoga, MegaCortex, and Ryuk that are to be blamed for the malware penetration, these pieces of malware use a similar digital infrastructure and are “common forms of ransomware.” While drawing other inferences, NCSC reckons the utilization of zero-day vulnerabilities for the infection. The dependence upon the same digital infrastructure implies that the attackers setting-up the attacks transferred the threat onto the victim’s network via a single network intruder.
Professionals in intruding corporate networks tend to find allies who are involved in ransomware dealings and being experts they are always inclined to spot the best amongst all for whom they gladly pay a lump sum amount of money as salaries on a monthly basis in turn for proficient penetration testers that can potentially travel via infected networks without being detected. Here, the level of access provided determines how high the prices can go up to.
Cybercriminals are not likely to stop spreading ransomware as long as there are victims who are paying the ransom as they have no other option to fall back on, NCSC strictly recommends that organizations strengthen their security net to avoid falling prey to ransomware attacks carried out every now and then these days.