Identifying Tactics Used to Disseminate Ransomware
The report in question comes from security researchers at Coveware. This report analyzed ransomware attacks throughout the second quarter of 2021 and found that phishing attacks and remote desktop protocol (RDP) attacks were the most common methods of infecting systems with ransomware. It should be noted that these were for the initial methods used by hackers to gain access to systems prior to installing ransomware on the infiltrated networks.
These methods are particularly noteworthy as they are low-cost, high-reward ways for hackers to attempt infiltration of networks. Phishing attacks can be leveraged against countless targets all at once, and remote desktop protocol attacks can be used to brute force accounts using guessed or stolen passwords. While these attacks can be protected against easily enough, it only takes one instance of such an attack being successful to create troubles for targeted organizations.
For your reference, here are the three top threats that give other threats a foothold on your network, as reported by the Coveware report:
- Phishing: 42%
- RDP Attacks: 42%
- Software Vulnerabilities: 14%
Also of note are the types of ransomware that are being spread by hackers. The one that made headlines not too long ago with attacks against Kaseya, REvil, was the top ransomware on the list, followed by Conti, a ransomware used against the Irish healthcare system.
You cannot take risks with ransomware and any other security threats to your business, no matter how small or seemingly insignificant they are. You should utilize any methods possible to optimize your defenses in any way you can. You must make sure that your applications are as up-to-date as possible at all times, your network is secured with comprehensive security solutions, and you have multi-factor authentication enabled to keep compromised passwords or other account credentials from being used as a backdoor to your network.
White Mountain IT Services can help your business ensure that it has done all that it can to protect your infrastructure. Even if you don?t know where to start, our trusted and knowledgeable professionals will work with your company to keep it safe from security threats of all kinds. We?re not talking about ransomware exclusively?we mean all threats, including viruses, malware, spyware, trojan backdoors, and so much more.
To start taking your network security seriously, reach out to us at (603) 889-0800.