Over the second quarter of the year, 73% of ransomware detections were related to the REvil/Sodinokibi family, while DarkSide attacks expanded to more industries, McAfee says.
Ransomware has turned into one of the most devastating cyberthreats as criminal gangs launch destructive attacks against specific industries and organizations. Attackers also have upped their game through multiple strategies, such as the double-extortion tactic in which they vow to publicly release the stolen data unless the ransom is paid. In its latest Advanced Threat Research Report, McAfee looks at the most prominent ransomware strains for the second quarter of 2021 and offers advice on how to combat them.
Several ransomware incidents garnered headlines over the quarter, most notably the attack by criminal group DarkSide against fuel delivery utility Colonial Pipeline and the exploit used by the REvil gang to target enterprise IT firm Kaseya. But other attacks triggered concerns that ransomware was shifting to a different level of business.
Looking at such top ransomware groups and strains as Ryuk, REvil, Babuk and Cuba, McAfee noted that criminals are increasingly using standard business practices to farm out their activities to affiliates. These groups also are exploiting common security vulnerabilities to target specific organizations. Beyond detecting a surge in ransomware attacks by popular families over the second quarter, McAfee found that criminals expanded their efforts to more sectors.
The sector most targeted by ransomware during the second quarter was the government, according to McAfee. Other industries that fell in the crosshairs were telecom, energy, and media and communications. Almost three-quarters of the ransomware detections in the quarter were related to the REvil/Sodinokibi family. Attacks by DarkSide extended beyond the oil, gas and chemical sector to threaten legal services, wholesale and manufacturing.
To protect your organization from the most prevalent ransomware threats, McAfee offers several recommendations:
- Block malicious browser popups. In May, McAfee said it detected an increase in the use of deceptive popups in web browsers. Some are simply annoying, while others trick you into taking an action that could lead to a malware infection. To stop this, review the name of the site sending the notification in the actual popup. Go to the notification settings section in your browser. Look for the site name, click the ellipsis icon next to the entry and select Block. For future popups, allow them only on sites you trust or disable all such notification prompts.
- Scrutinize Windows push notifications. Scammers are increasingly impersonating Windows push notifications to deploy malicious apps that can compromise user and system information. One campaign even spoofed a Windows Defender update. To protect yourself from these types of threats, go to the Windows Update screen under Settings to check for updates rather than respond to a suspicious notification.
- Protect your network against DarkSide ransomware. DarkSide has turned into one of the most notorious strains of ransomware. A McAfee blog post from May offers insight into this threat and suggests certain prevention and detection practices.
- Safeguard your virtual machines. Virtual machines have proved increasingly valuable to cybercriminals. A McAfee blog post from June focused on VMware virtual machines and described how to patch them against security vulnerabilities that can be exploited by ransomware.