Kaspersky report identifies new ransomware trends for 2022

by Tech Fashion
May 16, 2022
in Technology

Ransomware is likely the type of cybercrime that made the headlines in 2021, and 2022 looks set to follow that trend. Yet it is still evolving, and new ransomware appears to be more adaptive, resilient and industrialized.

According to Kaspersky in a new report, cybercriminals continue to use ransomware to threaten retailers and businesses nationwide, as old malware variants come back while new ones evolve.

From a careful technological and geopolitical analysis of the end of 2021 and 2022, Kaspersky brings together a number of new trends in ransomware.

Ransomware tries to be as adaptive as possible

Big game hunting

The big game hunting (BGH) model has led ransomware threat actors to penetrate increasingly complex environments. As a result, these threat actors must deal with a variety of very different hardware and operating systems, and therefore must be able to run their malicious code on different combinations of architectures and operating systems.

To achieve that goal, some ransomware developers chose to write their code in cross-platform programming languages such as Rust or Golang. An interesting caveat Kaspersky mentions is that such cross-platform code is also more difficult for defenders to analyze than code written in, say, plain C.

Conti

Conti-affiliated threat actors use different ransomware versions. A few Conti affiliates have access to a variant of the malware that targets ESXi systems with a Linux variant.

BlackCat

BlackCat ransomware is written in Rust, which makes it easier to compile on different platforms. According to Kaspersky, it didn’t take long after the Windows version of BlackCat came out to see a Linux version appear. The Linux version is very similar to the Windows version, with minor changes to adapt to Linux: command execution with cmd.exe on Windows has been replaced by the Linux equivalent. Also, the Linux version can shut down the machine and delete ESXi virtual machines (VMs).

DeadBolt

DeadBolt is another example. This ransomware is written as an interesting combination of Bash, HTML and Golang, which makes it able to use cross-platform functionalities, although it only targets QNAP and ASUSTOR NAS devices.

Ransomware ecosystem is becoming more “industrialized”

Ransomware threat actors, like any software company, are constantly evolving in an effort to make things faster and easier for themselves and their customers/affiliates.

LockBit is a highly successful ransomware-as-a-service (RaaS) that has shown constant evolution over the years (Figure A). Starting in 2019, it quickly evolved to welcome affiliates in 2020 and developed a leak portal, a double extortion scheme, and data exfiltration before data encryption. Apart from the constant development in functionality and ease of use, the infrastructure has also been improved over time to be more resilient against attacks and DDoS attempts.

Figure A: LockBit evolution from 2019 to 2021. Image: Kaspersky

The StealBIT exfiltration tool is also a striking example of this industrialization phase. Although cyber criminals initially only used publicly available tools to exfiltrate data, they developed their own tool to be less detected, but also to significantly improve data transfer speed. The tool can also exfiltrate only selected files based on the file extensions. Finally, it contains a tracking number of a partner that is sent when the data is exfiltrated.

Ransomware Threat Actors Consider Geopolitics

For starters, geopolitical aspects are now taken into account when infecting targets. Headlines using COVID-19 or the war in Ukraine have been used in spam and phishing emails to trick users into opening attached files or clicking on compromised links.

While the use of COVID-19 in infecting emails was not personal, the war between Ukraine and Russia is different as cybercriminals take sides, with consequences. One example is the Conti leaks: Conti was attacked and exposed by a pro-Ukraine attacker who targeted Conti for their position in the conflict. On February 25, 2022, Conti published a statement on its website saying that Conti would retaliate with full capacity against the critical infrastructure of any enemy if Russia became the target of cyber attacks.

On the other hand, communities such as Anonymous, the IT Army of Ukraine and the Belarusian Cyber Partisans took positions in support of Ukraine.

Freeud, a brand new ransomware variant that supports Ukraine, includes a message in the ransom note stating that Russian troops should leave Ukraine. The ransomware also has erasing capabilities, in case it is configured with a list of files to be erased.

Other ransomware deployed since the start of this conflict has covered up destructive activity: GoRansom and HermeticWiper, or DoubleZero wiper, to name a few.

Ransomware Protection Recommendations

Some practical tips to improve your security are:

  • Always keep all software and operating systems up to date, across all devices used by the company. This greatly helps against common exploits of vulnerabilities that can target any system or device.
  • Outbound traffic needs to be monitored intensively to detect exfiltration of large files or suspicious network data transfers.
  • Implement security solutions that can detect lateral movements. Those movements within the corporate network are mandatory for the attackers and must be detected at an early stage to prevent data exfiltration or destruction.
  • In addition to XDR (eXtended Detection and Response) solutions, security solutions with a focus on ransomware must be deployed.
  • Provide specific threat intelligence information to your SOC team.
  • Deploy email protection/anti-phishing solutions as ransomware threats can use spear-phishing to attack the business.
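
The outbound-traffic tip above can be implemented as a per-host baseline check over flow records, which matters because the exfiltration described earlier happens before encryption. This is an added example, not from Kaspersky's report or the original article; the record layout, host names, internal ranges and thresholds are assumptions.

```python
import ipaddress
from collections import defaultdict
from statistics import median

# Assumed internal ranges; replace with the organization's own address plan.
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample flow records: (day, source host, destination IP, bytes out).
FLOWS = [
    (1, "ws-014", "203.0.113.10", 40_000_000),
    (2, "ws-014", "203.0.113.10", 55_000_000),
    (3, "ws-014", "203.0.113.10", 35_000_000),
    (4, "ws-014", "198.51.100.7", 9_500_000_000),   # burst to a new external host
    (1, "fs-002", "10.0.5.20", 800_000_000_000),    # internal backup traffic
    (4, "fs-002", "10.0.5.20", 900_000_000_000),
    (1, "ws-031", "192.0.2.44", 120_000_000),
    (4, "ws-031", "192.0.2.44", 150_000_000),       # normal external volume
]

def is_external(ip):
    addr = ipaddress.ip_address(ip)
    return not any(addr in net for net in INTERNAL_NETS)

def flag_exfil(flows, today, ratio=10, floor=1_000_000_000):
    """Flag hosts whose external upload volume today is at least `floor`
    bytes and at least `ratio` times the median of their earlier days."""
    daily = defaultdict(lambda: defaultdict(int))  # host -> day -> external bytes
    seen = defaultdict(set)                        # host -> destinations before today
    current = defaultdict(set)                     # host -> destinations today
    for day, host, dst, nbytes in flows:
        if not is_external(dst):
            continue                               # only traffic leaving the network
        daily[host][day] += nbytes
        (seen if day < today else current)[host].add(dst)
    alerts = []
    for host, per_day in daily.items():
        sent = per_day.get(today, 0)
        past = [b for d, b in per_day.items() if d < today]
        baseline = median(past) if past else 0     # no history: floor alone decides
        if sent >= floor and sent >= ratio * baseline:
            alerts.append({"host": host, "bytes": sent, "baseline": baseline,
                           "new_destinations": sorted(current[host] - seen[host])})
    return alerts

if __name__ == "__main__":
    for alert in flag_exfil(FLOWS, today=4):
        print(alert)
```

The median baseline keeps a single earlier spike from raising the threshold, and the list of never-before-seen destinations gives the analyst a first pivot for triage.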

Disclosure: I work for Trend Micro, but the opinions expressed in this article are mine.


