It is not uncommon for many organizations to fail to report data breaches caused by ransomware, or worse, to be completely unaware that they have even taken place. But these days, ransomware is being used for much more than just blackmail. It can be used as a diversion; first harvesting credentials for later use, and then encrypting the drive to keep IT staff occupied while the attacker covers their tracks.
More recently, attackers have accomplished even more nefarious objectives, such as sending critical data to the dark web, or (more alarmingly) auctioning it to the highest bidder. Ransomware can be easily obtained and used by criminals who have little to no hacking skills, via Ransomware as a Service (RaaS). By establishing a network of affiliate partners, malware authors are able to spread their ransomware widely and scale earnings dramatically in the process.
Many threat actors have further evolved from mass-volume consumer attacks, opting instead for more carefully planned and targeted attacks aimed at maximizing disruption. By using a RaaS model, the authors of malware are significantly lowering the bar for launching such attacks, making this particular form of cybercrime accessible and profitable for a larger pool of potential criminals.
Cyber Incidents in ANZ: 2020 Report
The increased reporting of cyber incidents among large companies in ANZ in the first half of 2020 has been clearly evident. A handful of ransomware families are dominating these attacks. In BlackBerry’s new research paper, we investigate some of the tactics used by these ransomware families, and the strategies used to defend against these threats.
True Predictive Prevention
Many of our customers seek out BlackBerry because our products and services are highly effective in preventing ransomware attacks. Contact us today to find out how to minimize the risks of a ransomware breach by transitioning from a reactive to a prevention-first security posture.