Ransom attacks are more successful than ever, and a combination of several factors has led to this. Cyber-attackers have more access to corporate networks than ever before and have been more successful in extortion.
According to New report Published by the Royal United Services Institute (RUSI) and cyber security company BAE Systems, a full-blown tornado has led to the success of ransomware attacks on various organizations around the world.
Various elements have contributed to this success, including the easy access of cyber-attackers to ransomware and its distribution, as well as proper payment. The spread of the corona virus in the world has also led to easier access of hackers to the networks of various companies.
In spite of all this, paying ransom to the hackers ultimately encourages them to take such a route and makes such attacks seem normal. According to a recent report, the more companies are willing to pay ransom, the more acceptable such attacks will be:
“As the number of organizations paying bribes increases, it becomes more acceptable to pay to solve the problem.”
The report states that the ability to receive such amounts of cyber insurance is likely to increase companies’ willingness to pay ransom to hackers.
One of the reasons for the increase in ransomware attacks in recent months is the creation of ransomware as a service so that even less professional cyber-attackers can fall victim. Hackers pay a fee or subscription to access ransomware and use it as part of their attacks.
Such services are not available for powerful ransomware attacks, yet some, such as REvil, result in hundreds of thousands of dollars in ransom. The ransomware makers receive a portion of this revenue.
In the hope of making more money, ransomware publishers publish them in underground forums so that they can attract more hackers or even ordinary users and launch a customer service.
Ransom groups are constantly evolving, and such a feature makes attacks successful. Of course, hackers have gone even further and resorted to “double extortion.” In fact, this method puts the victims under more pressure, because the attackers, in addition to stealing the data, threaten the victims by disclosing them.
In addition, the various ways in which hackers can gain access to networks is another reason for the success of ransomware attacks. With the spread of Covid-19 and the telecommuting of most employees around the world, hackers can take advantage of their accounts to gain access to corporate networks.
The report concludes that ransomware attacks continue as long as they benefit developers and attackers, so they should be prevented. Achieving such a goal depends on increasing security. Companies and organizations can prevent such attacks and ransom by improving network security.
To improve network security, organizations and companies must always install the latest security patches on networks to avoid vulnerabilities. In addition, they need to go for multi-factor authentication.