Ransomware attacks on businesses are spiking, says Kaspersky
Security company says easy-to-use tools make ransomware attacks easier to run.
Ransomware attacks on larger businesses are increasing according to Kaspersky.
According to Kaspersky’s senior malware analyst Anton Ivanov, this increase is due to their easiness and high returns.
Particularly attackers have the ability to use open source software to make their own encryptions, “without making any special effort” he said in a blog post.
“A vivid example is the Mamba encryptor based on DiskCryptor, an open source software,” he explained. “Some cybercriminal groups do not even take the trouble of involving programmers; instead, they use this legal utility ‘out of the box’.”
Anton Ivanov has said attackers have a three step action plan, they are:- 1) find an organisation that does not have a protected server with RDP access, 2) guess or buy the password and 3) encrypt a node or server.
“The cost to organise such an attack is minimal, while the profit could reach thousands of dollars,” he said.
Of course, not all attacks are so basic, he added, saying “true professionals are also active on the playing field”, taking the time to carefully select targets and plan attacks that will last for weeks.
Irrespective of the skill set of these attackers, businesses must take preventative steps to protect their network infrastructure, this covers procedures like constantly backing up all of their servers, audit all notes and server to update outdated software, and protect all forms of remote access.
Kaspersky have seen an increase in this area as they have revealed many more organisation’s are joining their No More Ransom project. This fantastic project has been geared to help victims of ransomware via free unlock tools, this is so they do not need to pay to get their data back and hopefully in the longer term discouraging attacks moving forward to the future.