Ransomware attacks rank among the most damaging for companies of all sizes. The sudden loss of file access combined with demands for quick payment and the threat of data deletion have put many IT departments on high alert, warning users never to open unsolicited email attachments, visit suspicious websites or download third-party applications.
Nonetheless, hackers are working hard to evade increasing corporate scrutiny; ransomware-as-a-service (RaaS) threats are now targeting the historically defensible Mac OS, even as attackers roll out “fileless” ransomware vectors that leverage common computing services to execute malicious commands and download infectious payloads. Here’s a look at the potential impact — both present and future — of evolving ransomware threats.
What makes ransomware so popular? For many attackers, it comes down to ease of use. When companies discover their network is compromised, they’re often eager to pay the ransom, rather than risk loss of critical files or endure negative PR. The emerging bitcoin/cryptocurrency landscape also informs the spread of ransomware. In most cases, victims are directed to pay a specific sum in bitcoin (or other cryptocurrency) to a designated email address. By leveraging entirely digital currency, hackers can effectively anonymize their demand for payment, while the nature of blockchain transactions can ensure that all transfers are securely completed and cannot be reversed.
Also worth noting, new hacks utilizing the same vulnerability as popular ransomware WannaCry have been spotted installing cryptocurrency miners on victim computers. Although the machines continue to perform normal functions, they’re also tasked with a background process to create digital currency — which has potentially generated more than $1 million for attackers.
Hackers are also getting wise to the fact that security applications and researchers can quickly red-flag and then black-list malicious files and groups, limiting the impact of traditional ransomware delivery methods. Attackers have adapted by developing new strains of fileless ransomware that uses existing processes to execute compromising commands.
While the initial trajectory is the same — victims either open malicious email attachments or browse compromised websites — new fileless attacks don’t download any data. Instead, they open a command line and run PowerShell scripts straight into computer memory. This forces a secondary file download that contains both the ransomware dropper itself and the encryption key. Users are then faced with familiar splash screens and demands for payment. For hackers, value comes from initial contact, since traditional malware detection and anti-virus tools don’t classify PowerShell scripts as potential attack vectors. For companies, the shift in ransomware rollout demands a change in focus: Indicators of attack — such as code execution or lateral network movement — must become part of the IT security foundation.
Ransomware is on the rise, with hackers looking to grab (or create) cryptocurrency and avoid unwanted attention. For more information on fileless ransomware, read the infographic below to understand the risks to develop new strategies and lower the ransomware infection impact.
Author bio: Con Mallon is Senior Director of Product Marketing at CrowdStrike, where he oversees positioning of products and communication, go-to-market programs, competitive differentiation, and sales assets and tools. Mallon started his career in the United Kingdom, and has more than 20 years of marketing and product management experience within the technology sector.
In a world where the digital economy is growing at lightning speed, the race to…
Mia Sanders, NYC Entrepreneur, Made Millions by Investing in BTC: Could BlockDAG Be Next for…
A Miami Artist's $5.2M Solana Success: Does BlockDAG Hold Equal Promises for 30,000x ROI? Success…
Recent market trends show that the new DeFi coin, FXGuys ($FXG), has been the go-to…
Curious about where the Polkadot price is headed? Or maybe you’re wondering if XLM’s rally…
Any investor can achieve outstanding profit by selecting the best crypto presale in the growing…