If there’s one cybersecurity term everyone knows, it’s ransomware.
It’s the act of a bad actor holding a system, assets, or valuable data for ransom and demanding a high payment. Ransomware appears to be everywhere these days, from a spam email that leads to a user’s MacBook being taken over by malware to a Russian hacking group targeting government entities through a major third-party supplier. There’s a reason the term keeps making headlines: it’s happening more often, and it’s producing results for hackers.
Why Is Ransomware Effective, And Why Is It Increasing?
Here’s a breakdown of how a ransomware attack works: A hacker gains access to an organization’s system and, through lateral movement (often aided by a lack of internal access controls), is able to reach something valuable. That could be patient privacy data for a healthcare organization, operation controls for a factory, or the Social Security numbers and names of customers at a major retailer.
Because many organizations lack proper cybersecurity protocols (like fine-grained access controls or access limitations for third parties), bad actors have found it easy to move laterally once they breach a system. Take the Kaseya attack, in which attackers were able to hack a software update and push it through to hundreds of customers, including a grocery store chain, schools and a national railway system. Right now, 51% of breaches originate from a third party, which highlights how lucrative an access point third parties are for attackers. Human error also still plays a significant role in how often organizations get breached. There is a 17% rise in the number of employees offered money to aid in ransomware attacks against their employer, and 75% of organizations experienced a phishing attack in 2020. The data shows that ransomware simply works.
Read more: https://bit.ly/3D8lIKm