Ransomware Spreads Like Wildfire

The scoop

• Operators are always finding new ways to make their attacks more effective and devastating.
• Sophisticated ransomware operators are exploiting VPNs and RDP endpoints to gain access.
• Threat actors have moved toward more targeted attacks, involving double extortion tactics.
• Ransomware-as-a-Service (RaaS) has seen a growth spurt as it automates the repetitive attacks associated with ransomware campaigns.

Fire rolls into the next year

• Kaspersky researchers anticipate a change in the execution of attacks. They suggest businesses pay increased attention to malware ad perform scans to stay ahead of threats.
• The researchers, moreover, predict an increase in targeted attacks against VPN gateways and networked devices, along with social engineering schemes.
• Attacks on critical infrastructure are suspected to rise with the growth in technology.

Notable attacks

• The Brazilian Superior Electoral Court was hit by a major cyberattack, halting its operations for a week. The attackers gained access to its systems, data backups, and network.
• Ransomware operators are targeting tax software files in an attempt to gain access to highly sensitive data and leverage it over victims. In addition, LockBit operators are using PowerShell tools to search for tax software on breached networks.
• E-Land Group suffered a ransomware attack disrupting its operations at almost half of its store across South Korea.

The bottom line