Malware researchers from Check Point and IBM X-Force Incident Response Teams have released data that details the rise of ransomware. The top ransomware families are Maze, Ryuk, and REvil (Sodinokibi) and they have been seen surging in number of incidents at a global level between June and September. Data from Check Point refers to the third quarter of this year during which Maze and Ryuk were the most prevalent ransomware families with Ryuk attacking an average of 20 companies per week. According to the data, Ryuk increased its activity in July and focused its efforts on healthcare organizations which are still under heavy stress from the pandemic. The research shows the U.S. was the most heavily hit country in the third quarter. Ransomware attacks have been very profitable for the threat groups with REvil netting almost $81 million profit so far this year.
Analyst Notes
One of the most effective ways to recover from an attack is to have a system of secure backups. The 3-2-1 method, 3 copies of the data on 2 separate storage media with 1 of them being offsite is the best method of backing data up. Organizations should also verify that security updates are applied in a timely fashion. Companies can also either limit or restrict remote access to their networks by using a strong VPN solution with multi-factor authentication to reduce the chances of remote attacks. All organizations should provide training to their employees on how to identify and deter phishing attacks, which is still one of the predominant methods of infection. When all of the other security controls fail to keep an attacker out, it is important to monitor activity inside of the corporate network to detect the early signs of a compromise and stop the attack before serious damage is done. The cost of paying even one ransom and the business downtime that results from an attack could easily pay for several years of professional security services to avoid the problem altogether.
Source Article: https://www.bleepingcomputer.com/news/security/ransomware-threat-surge-ryuk-attacks-about-20-orgs-per-week/
