Ransomware - RH-ISAC Blog

“It does not do to leave a live dragon out of your calculations, if you live near one.” – J.R.R. Tolkien In 2022, ransomware is the live dragon for many companies working to develop incident response plans. According to Fortinet’s Global Threat Landscape Report, the first half of 2021 saw a 10.7x increase in the…

Crypto Ransomware The first ransomware attack, known as the AIDS Trojan, hit the healthcare industry in 1989, but it’s only been in the last decade that strains such as CryptoLocker, Petya, NotPetya, WannaCry, TeslaCrypt, and Locky have pushed ransomware to the forefront of cybersecurity discussions. These strains have variations in the way they deploy, but…

In a perfect world, all of the defenses you’ve put in place will successfully defend against a ransomware attack. Your employees won’t click on any malicious links, none of your credentials will be brute-forced, your RDP ports are secure, and you’ve implemented a zero-trust framework across your network. It is true that taking measures to…

With ransomware demands in the millions, companies are beginning to prioritize investment in their ransomware resilience strategy to avoid the severe financial, operational, and reputational costs of being the victim of an attack. In fact, ransomware planning ranked as the top initiative for retail and hospitality CISOs in RH-ISAC’s recent 2021 CISO Benchmark Report, but…

Despite automation, machine learning, and all the rest of the state-of-the-art detection technology at our fingertips, attackers still slip through the cracks. You can utilize tools such as website application firewalls and endpoint discovery and response solutions, but one of the most important ways to reduce your risk of being the victim of a ransomware…

With average ransom demands now in the millions, ransomware attacks are a lucrative business. It’s no wonder then that more people are trying to get a piece of the profit, and it’s becoming easier than ever to do it with the rise of ransomware-as-a-service. Just like software-as-a-service businesses provide easy access to software, ransomware-as-a-service businesses…

According to the 2020 Unit 42 Incident Response and Data Breach Report, remote desktop protocol (RDP) services were the initial attack vector in 50% of ransomware deployment cases. RDP services have been a popular attack vector for years, particularly for use on small enterprises where phishing emails may not be as successful. However, the COVID-19…

Colonial Pipeline. JBS. Kaseya. 2021 was a record year for high-profile, expensive ransomware attacks. In 2022 we can only expect this to continue, as ransomware-as-a-service expands threat actor accessibility to tools, and new double/triple extortion ransomware attacks raise potential profits even higher. Although the retail and hospitality sector has not been hit nearly as hard…

The last few years have seen a dramatic rise in high-profile ransomware cases, leading CISOs to bump ransomware planning to the top of their list of initiatives. However, just as companies have adapted to guard against this threat, ransomware gangs have adapted in turn, employing additional layers of extortion focused on exposing customer data. A…