(844) 627-8267 | Info@NationalCyberSecurity
(844) 627-8267 | Info@NationalCyberSecurity

Changes in the Ransomware Threat to State and Local Governments | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware


Agencies Must Prepare for New Ransomware Threats

According to CrowdStrike’s 2023 Global Threat Report, bad actors continued to adapt to defensive measures in 2022. As a result, ransomware attacks are quicker and easier to execute than ever. An IBM X-Force study revealed there was a 94 percent reduction in the average deployment time for ransomware attacks. What took attackers over two months in 2019 took just under four days in 2021.

This vast reduction in attack time may be due to the wide availability of Ransomware as a Service. This is a model in which affiliates pay to launch ransomware attacks developed by operators. The CrowdStrike report found more than 2,500 advertisements for access identified across criminal channels, a 112 percent increase compared with 2021.

Generally, bad actors are looking to make money, and RaaS can benefit the bottom lines of both parties. Entities that create ransomware tools can sell them without the risk of getting caught, while actors who buy ransomware tools don’t need to spend the time and resources to create the tools themselves.

Cybercriminals also are adjusting their expectations and often asking state or local agencies for ransom amounts that officials could reasonably charge to a credit card. This allows bad actors to get payment quickly and avoid bureaucratic delays from special authorizations.

Intermittent encryption is another emerging ransomware threat. It involves bad actors encrypting some parts of a file while skipping others. The technique aims to make encryption faster and less CPU-intensive while still rendering files unusable. Intermittent encryption also aims to make attacks harder to identify, but organizations that have tools to monitor all of their files should be able to detect this.

Click the banner to learn how your agency can increase its ransomware recovery capability.


Click Here For The Original Source.

National Cyber Security