Cybersecurity authorities from the US, UK and Australia have released a joint advisory warning of the increase in ransomware attacks affecting western organizations.
The report warns of how ransomware groups are beginning to share their victim’s information with one another, posing an increased threat to organizations in the west. This comes after US authorities began to crack down on known ransomware groups in 2021 after several high-profile attacks.
In an effort to draw less attention to their activity, cybercriminals have begun redirecting their efforts away from high-profile organizations towards mid-sized companies. Mid-sized businesses are at a particular risk due to their security infrastructure being, on average, less robust than that of large organizations.
Cybercriminals tend to use a combination of phishing attacks, stolen credentials and vulnerable software exploits to access an organization’s infrastructure before planting file-encrypting ransomware on the target’s network. Typically, victims are asked for payment in order to regain access to their network. Failure to meet such demands will result in a loss of their data. Most recently, ransomware groups have been threatening to expose the victim’s sensitive information if payment is not fulfilled. This puts added pressure on organizations who could not only lose their data, but also have their private information publicly exposed.
The joint advisory has recommended conducting regular backups, network monitoring, patch management, along with the tightening of authentication controls in order to stay protected.
Source: https://www.ncsc.gov.uk/news/joint-advisory-highlights-increased-globalised-threat-of-ransomware
