Undefeatable Monster

AKATI Sekurity
Feb 18, 2022

Don’t Let The Bedbugs Bite.

In the first half of 2021, Trend Micro intercepted 40.9 billion email threats, infected documents, and hostile URLs for consumers, an increase of up to 47 percent year over year.


Ransomware groups have added a slew of new intrusion methods to their repertoire this year, many of them aimed at actively exploited flaws.

● An unspecified variety of ransomware-as-a-service (RaaS) affiliates began exploiting the freshly patched Windows MSHTML bug with RCE exploits. Conti ransomware began attacking Microsoft Exchange servers in early September, breaching corporate networks through ProxyShell vulnerabilities.

● LockFile began using the PetitPotam NTLM relay attack method to take over Windows domains worldwide in August, Magniber joined the PrintNightmare attack bandwagon, and eCh0raix was discovered attacking both QNAP and Synology NAS systems.


In the first half of the year, ransomware remained the most common threat, with attackers continuing to strike high-profile targets. They employed Advanced Persistent Threat tools and techniques to steal and encrypt victims' data, collaborating with third parties to gain access to targeted networks.

The finance sector was severely impacted, with cyberattacks up 1,318 percent year over year in the first half of 2021.

● The HelloKitty ransomware targeted SonicWall devices in July, while REvil infiltrated Kaseya's infrastructure and infected 60 MSPs with on-premise VSA servers, as well as 1,500 downstream corporate clients.

● FiveHands ransomware was actively exploiting the SonicWall vulnerability before it was patched in late February 2021, as Mandiant disclosed in June.

● In April, QNAP published an advisory regarding AgeLocker ransomware attacks on NAS devices that exploited an unidentified flaw in outdated equipment, just as a massive Qlocker ransomware campaign targeted QNAP devices that had not been patched against a hard-coded credentials bug.

● Cring ransomware encrypted unpatched Fortinet VPN devices on manufacturing industry organizations' networks in the same month, following a joint FBI and CISA alert that threat actors were scanning for unsecured Fortinet gear.

● Microsoft Exchange servers around the globe were hit by the Black Kingdom and DearCry ransomware in March, as part of a significant wave of cyberattacks aimed at systems unpatched against ProxyLogon vulnerabilities.

● Between mid-December 2020 and January 2021, Clop ransomware attacks against Accellion servers dramatically boosted the typical extortion rate for the first three months of the year.


Ransomware was a major threat to global enterprises in the first half of 2021, but it wasn't the only one. According to the study, business email compromise (BEC) attacks increased by 4%, presumably because COVID-19 created more opportunities for attackers.

Additionally, in recent months, cryptocurrency miners have overtaken WannaCry and web shells as the most commonly detected malware. The Zero Day Initiative found 770 exploits in the second half of 2020, a slight decrease of 2% from the first half. There were 164 pieces of malicious software linked to COVID-19 fraudulent activities, with 54 percent of them impersonating TikTok.

Did You Check Under Your Bed?

Being targeted by a ransomware attack doesn't mean you're helpless.


CISA has launched the Joint Cyber Defense Collaborative (JCDC), a public-private partnership focused on securing critical resources in the United States against ransomware and other cyber threats. The mission of the new program is to allow CISA to work with government agencies and private businesses to develop cyber security plans that build societal resilience against destructive cyber activity threatening critical technologies.

Microsoft, Google Cloud, Amazon Web Services, AT&T, Crowdstrike, FireEye Mandiant, Lumen, Palo Alto Networks, and Verizon are among the JCDC's first strategic partners, with plans to expand with more partners from a multitude of sectors.

Moving on, the Cybersecurity and Infrastructure Security Agency (CISA) of the United States has launched the Ransomware Readiness Assessment (RRA), a new module for its Cyber Security Evaluation Tool (CSET).

RRA is a security audit self-assessment platform for firms that would like to know how well prepared they are to defend against and recover from ransomware attacks that threaten their IT, OT, or ICS infrastructure. The module was created to examine various aspects of ransomware threat preparation, and it may be used by any company, irrespective of its cybersecurity expertise.

In addition to the RRA, CISA has also published a ransomware checklist. In the case of an attack, you may refer to the list to mitigate the attack as soon as possible and minimize the damage to your business.

This should go without saying, but in the event of a ransomware incident, figure out which machines were compromised and isolate them right away. If you don't know what a ransomware attack is or how to counter one, here's a link worth your attention, as it's a page specifically catered to consumers such as yourself. The link contains frequently asked questions about ransomware attacks and the answers to them.


Apart from that, if you're well versed in ransomware terms and have some background knowledge, you should know to unplug machines from the network and shut them down swiftly to stop the ransomware outbreak from spreading further. Following that, keep note of networks and machines that aren't likely to be harmed so they can be deprioritized for restoration and recovery. This allows your company to resume operations in a more practical fashion.

Here's another link that you may like to check out, as it covers the mitigation of a ransomware attack. It also lists services that you could turn to for extra help restoring your infrastructure to what it was before. That's not all, as the link also offers cyber security training suited to your employees and yourself. This link should prove extremely helpful because it supplies incident training, strategic methods to counter a cyber-attack, and an organizational overview for your company.

Be Your Own Superhero.

Having gone through the whole article, you should feel motivated to study the effects of a cyberattack, especially ransomware.

But do not fear, you’re not alone in this battle.


It's okay to ask for help. Just follow the recommendations that I've provided, and you're good to go. It's always good to read up on the various cyber crimes happening around the world and the organizations connected to them. Having extra information and material at hand will benefit you in the future.

Not all monsters are undefeatable.
