While it only makes sense to assume that a cybercriminal would focus specifically on those targets that would bring them the greatest profit—in other words, larger businesses—the reality of modern cybercrime renders this assumption grossly outdated. Let’s examine how different developments in ransomware have made it possible for cybercriminals to be far less discerning in who they target.
Let’s face facts for a moment: in order to be effective, a cybercriminal can take advantage of a few different challenges that small and medium-sized businesses frequently struggle with. For instance:
On top of these opportunities, however, today’s cybercriminal has others they can exploit:
Cybercriminals, like many of the businesses operating today, have embraced the concept of automation to their advantage. Rather than manually attacking individual targets, cybercriminals are able to wage widespread attacks with minimal effort. Even the extortion component of ransomware has become increasingly automated.
One ransomware variant, Avaddon, has been using automation to its advantage. With a Dark Web site listing the companies that have been infected, a countdown is provided that ticks away the time before data is automatically publicized.
Cybercrime is now a legitimate industry (in a manner of speaking), with teams of developers and commission-based structures responsible for spreading attacks far and wide. Ransomware as a Service is just one example of this, with a packaged ransomware attack bundled up for an aspiring cybercriminal to use. These kinds of services only make cyberattacks more accessible to those who would wage them.
Many ransomware attacks have historically extorted money from their victims more than once. Not only are the victims charged for resumed access to their data, but they then have to pay up to keep the attackers from leaking this data out.
Unfortunately for businesses, this approach has evolved. Now, this kind of extortion takes place in four parts:
All in all, these tactics have only made ransomware attacks more successful.
Ransomware is a serious issue for businesses, and isn’t going away anytime soon. That’s why we’re here to help you stop it. Find out more about what we can do by calling (254) 848-7100 today.
Comments