Ransomware in 2018 has become something of a special beast. Unlike at other times, the inventions this year have produced infections targeting victims rather than randomly hunting for vulnerable targets. Targets have been craftily selected—these cybercriminals have devised a complete marketing strategy focused to speak to a very specific group of people. And their messages are so focused and specific to their targets (through effectively integrating social engineered campaigns) that many of these targets fall hook line and sinker.
Ransomware attacks the likes of some of the latest SamSam attacks have devastated entire city governments, shuttered hospital systems, EHR platforms and other businesses large and small are testaments to the effectiveness of the modern ransomware attack. They also underscore how widespread under-preparedness plagues business large and small.
What has changed in the past year to make ransomware attacks even worse than before?
Attacks are better-focused—If we looked at the victims of SamSam over the course of the last 6 months, we likely could come to some pretty big patterns. SamSam targets hospitals and healthcare. SamSam targets governments. SamSam’s success rate is quite high—nearly ten-fold higher than other ransomware variants in recent years. In fact, SamSam has had a much larger success rate than any cybersecurity expert had ever predicted.
Bottom line? Ransomware is getting more targeted than ever. Cybercriminals get to know their targets well—researching their needs, wants and communications. Identifying what makes each tick and devising schemes to trick users into giving them access to networks without working that hard. All they need is an effective message.
Attackers have more incentives—years ago, we thought cybercriminals were mainly devised of groups of individuals propped up by rogue states looking to attack their enemies. But in recent years—especially in 2018—attacks have gotten more incentive-based. Individuals, rather than groups, are devising their own unique attack plans. Criminals are using marketing campaigns often modeled after effective advertisements from high earning marketing firms to devise emotional content that triggers people to take action.
These attackers are more incentivized than ever and are taking data ransoms to the next level. They really want to get paid and are trying new tactics to ensure they do! Even when a business recovers from an attack—if they had been smart enough to back up their entire network (though this is not always the case!)—ransomers are now threatening to release the data if ransom payments aren’t met. The risk to the criminal? Not much. To the business or organization? Leaks of thousands of records that may end up costing employees, patients or clients their livelihoods and identities.
Viruses are not getting detected by antivirus—cybercriminals have another trick up their sleeves. While many businesses think that ransomware virus are detectable by their cheap or free antivirus software platforms, that is far from the case! With false sense of security on their victims, ransomware attackers are easily bypassing security and infecting entire networks. They lay low until a decided opportune time when either a large part of the network is infected with their virus and that they’ve infected all mapped machines or until a large payout seems most imminent. Either way, these criminals are patient and see cyberattacks as a way to make big bucks—that is, if they play their hand right.
Low hanging fruit is very low—brute force attacks through networks continue to be how businesses fall to cyberattacks (many of which are not widely publicized). Criminals continue to find businesses failing to patch their networks, underestimate their security technology (for instance, outdated firewalls) and are overconfident that they aren’t a good target. These types of businesses, in fact, are the prime targets for the most recent cybercrimes because they are easy.
Are you keeping up with cybersecurity?
It’s really hard to keep track of which angles cybercriminals are using to effectively crack into networks. Even with security compliance squared away, businesses are failing to do enough to keep criminals at guard. In fact, criminals have devised frameworks that are effective at penetrating networks in light of security compliance! They are merely finding very sneaking ways of getting into your network from a variety of methods—integrating social engineering, technology and marketing to break into networks of the unsuspected.
Concerned that you might not have done enough with your network cybersecurity? Contact Us TODAY for a free ransomware vulnerability assessment!
