Recent research by leading cybersecurity firms such as SonicWall, McAfee and F-Secure has found that brute force attacks are now the preferred means of spreading ransomware however, phishing emails remain popular. While several reports last year showed that ransomware was on the decline the news for 2019 isn’t so good. The image below from SonicWall shows that Ransomware is on the increase in 2019 with a recent report from McAfee showing that attacks that leverage file locking malware have more than doubled in 2019.
The Attack Landscape H1 2019 report from F-Secure informs us that the most common delivery method for ransomware during the period was via remote desktop protocol (RDP) at 31% of cases. What these reports confirm is that ransomware hasn’t gone away and is once again on the rise, it’s simply how the victims are targeted that has changed
Brute force attacks are when hackers attempt to compromise servers and endpoints by using bots to enter as many passwords as possible. The best way to explain this is to use a Game of Thrones (GOT) battle scene analogy. Even if you’re not a GOT fan, you should still understand this and if you are a GOT fan then you’ll probably agree that the final season was a major let down. Anyway back to the battle; Throughout the shows run there were many battle scenes where large armies attacked seemingly impregnable fortresses such as the Battle of Casterly Rock. To break a fortresses defences, they would throw everything at it (including the odd dragon) in the hope of gaining entry by force. Your network is your fortress where you keep all of your valuable data and the passwords you employ act as sentries that guard against unwelcome entry. Having weak passwords is like having poorly trained sentries on guard. They only offer minimal protection and will be bypassed eventually.
While ransomware attacks should be a cause for concern for your organisation, preventing or at least greatly reducing the likelihood of an attack, is fairly simple.
Back in the summer of 2017, we published, Ransomware – The Complete Survival Guide, that discussed the history of Ransomware up to that point and steps you should take to mitigate against an attack. The advice given in 2017 is still valid and in particular, we recommend that you implement the C.U.B.E system.
John Grennan – IT.ie