Ransomware is not a new phenomenon, but when two large-scale campaigns – Wannacry and NotPetya – caused widespread disruption in 2017 they seemed at first to presage a new pattern of large-scale attacks.
The reality has turned out differently. So far this year, we have seen relatively little ransomware activity, but what there has been is far more targeted and precise. An example of this is the recent use of SamSam ransomware to target 67 organisations in the US, following its deployment against the city of Atlanta earlier in the year.
In the latest attacks, SamSam has been employed not just to look up files but also to infiltrate backups, making protection more complicated using conventional security solutions. Its ability to spread has been boosted by criminals hitching it to the leaked EternalBlue US National Security Agency exploit.
Ransomware and the methods attackers use to delivery its crippling effects are constantly evolving, and organisations must employ a combination of innovation along with best practice processes if they are to defend themselves adequately.
Criminals have become meticulous and more focused
Planning and preparation of such ransomware attacks is far more…
