The Characteristics of Ransomware
Counter-Ransomware (C-RW)
Characteristics of Ransomware Crime, by AB
Ransomware attacks against companies are mainly the work of an organised criminal group (OCG), although some may be driven by (violent) political motivations and carried out by individuals and state-sponsored entities. Organised criminals, as the name implies, work to plans; they are pragmatic and risk averse. They invest in reconnaissance and research (digital and physical) and can be patient and cunning, in order to maximise their return. They are increasingly specialised, with groups either combining to conduct an attack, or simply selling on the results of their own efforts to another group for further exploitation.
One group will use software to look for victims, to find weaknesses in a system and to get a ‘foot in the door’. Another may then buy that access and use other software to reconnoitre, to build up a picture of the company, its assets, its value, its secrets, its clients, its life. A third may then buy that picture and commence the ransomware attack, using its knowledge to intimidate, frighten and negotiate the best price for releasing the system.
The software tools used are developed and traded on the unstructured ‘dark’ web, as may be data and secrets stolen during the ransom. This is likely to happen even if the system is released back to the victim company. Thus, being ransomed once is likely to increase the chances that it will happen again. Either because the ransomers have left a software ‘backdoor ajar’ for them to return, perhaps months or even years later, or because they have sold the access key to another group on the dark web, the problem is likely to be persistent.
Like all criminals, ransomers can be deterred by effective defences and evidence of preparedness – they will focus on visible vulnerabilities and early evidence of poor security procedures. While the main crime vector is digital, the initial approach may be to a member of staff in a pub or through inducing the office cleaner to look for passwords left accessible on desks or discarded in the wastebin.
Media Executive and Non-Executive Director
2 years ago
Interesting stuff. In my experience - at a former company that got badly hit - the "vector" was the bad guys simply sending an email with a tempting attachment. A staff member, who should have known better, clicked on it and boom...our whole system went into a death spiral. Total chaos, IT running around with their hair on fire and everyone locked out for weeks.