Warning: Undefined array key "HTTP_ACCEPT_LANGUAGE" in /home/u596154002/domains/usbusinessreviews.com/public_html/wp-includes/load.php on line 2057

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the rank-math domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u596154002/domains/usbusinessreviews.com/public_html/wp-includes/functions.php on line 6114
Ransomware: These two gangs are behind half of all attacks - Best Business Review Site 2024

Ransomware: These two gangs are behind half of all attacks

[ad_1]

Over half of all ransomware attacks reported during the first three months of this year are the work of just two cyber criminal outfits. 

According to analysis of recorded ransomware attacks between January and March 2022 by cybersecurity researchers at Digital Shadows, LockBit 2.0 and Conti were the two most active ransomware gangs during the three-month reporting period, accounting for 58% of all incidents. 

And of the two, LockBit is by far the most prolific, accounting for 38% of ransomware attacks. That’s almost twice the number of recorded attacks by the Conti ransomware group, which accounted for 20% of campaigns in the same period.  

Both groups steal data from their victims and threaten to publish it on leak sites if the ransom isn’t paid. According to Digital Shadows, LockBit leaked the information of over 200 victims during the first quarter of the year – the most leaks thus far.

While these two gangs were the busiest, other threats included Hive ransomware, Vice Society ransomware and Blackbyte ransomware, among others. 

SEE: Cybersecurity: Let’s get tactical (ZDNet special report)

Conti ransomware has remained a major threat, despite February’s Conti Leaks, which revealed much about the inner workings of the ransomware group. Internal chat logs and other information got leaked after Conti publicly posted a message of support for Russia’s invasion of Ukraine. But this setback doesn’t seem to have dissuaded those behind Conti, who continue to conduct ransomware attacks. 

“While the Conti chat leak is likely to have some impact on the group, it is unlikely that this will significantly affect the group’s market share. Conti has shown no signs of slowing down since the chat logs and source code leak,” Ivan Righi, senior cyber threat intelligence analyst at Digital Shadows told ZDNet.

“However, the leak is a blow to the group’s reputation, and could therefore affect its ability to attract new affiliates and have a long-term impact on its ability to grow,” he added.

One ransomware group does seem to have disappeared. Researchers note that PYSA ransomware, which was the third most active ransomware group during the final three months of 2021 appears to have dropped off the radar. Another previously prolific ransomware group, Revil, also appears to have stopped operating.

But while some ransomware groups seem to disappear, other new ransomware threats continue to appear. Some new ransomware groups which have appeared since January 2022 which have been listed by Digital Shadows include Stormous, Night Sky, Zeon, Pandora, Sugar, and x001xs. It’s likely that individuals involved in groups which shut down simply find new work with other ransomware gangs. 

“New ransomware groups are created at a similar rate to groups being shut down. This is likely because affiliates frequently move from groups that are no longer active to those that are emerging,” said Righi.

“Regardless of the external factors and shifts in targeting, ransomware is likely to remain one of the biggest threats to organizations worldwide over the next quarter,” he added. 

There are several steps which businesses can take to avoid falling victim to ransomware. These include applying security patches to software and operating systems as quickly as possible, so cyber criminals can’t exploit known vulnerabilities to enter and exploit networks.  

Organisations should also roll out multi-factor authentication to all users to provide an extra barrier to attacks and if it’s suspected that a password has been hacked, it should be changed immediately. 

MORE ON CYBERSECURITY

[ad_2]

Source link

slot gacor slot gacor togel macau slot hoki bandar togel slot dana slot mahjong link slot link slot777 slot gampang maxwin slot hoki slot mahjong slot maxwin slot mpo slot777 slot toto slot toto situs toto toto slot situs toto situs toto situs toto situs toto slot88 toto slot slot gacor thailand slot bet receh situs toto situs toto slot toto slot situs toto situs toto situs toto situs togel macau toto slot slot demo slot pulsa slot pragmatic situs toto deposit dana 10k surga slot toto slot link situs toto situs toto slot situs toto situs toto slot777 slot gacor situs toto slot slot pulsa 10k toto togel situs toto slot situs toto slot gacor terpercaya slot dana slot gacor pay4d agen sbobet kedai168 kedai168 deposit pulsa situs toto slot pulsa situs toto slot pulsa situs toto situs toto situs toto slot dana toto slot situs toto slot pulsa toto slot situs toto slot pulsa situs toto situs toto situs toto toto slot toto slot slot toto akun pro maxwin situs toto slot gacor maxwin slot gacor maxwin situs toto slot slot depo 10k toto slot toto slot situs toto situs toto toto slot toto slot toto slot toto togel slot toto togel situs toto situs toto toto slot slot gacor slot gacor slot gacor situs toto situs toto cytotec toto slot situs toto situs toto toto slot situs toto situs toto slot gacor maxwin slot gacor maxwin link slot 10k slot gacor maxwin slot gacor slot pulsa situs slot 10k slot 10k toto slot toto slot situs toto situs toto situs toto bandar togel 4d toto slot toto slot situs toto toto slot