The shift to remote working due to the COVID-19 pandemic exponentially increased organizations’ attack surface, and threat actors across the cybercriminal landscape were keen to exploit remote access. Approximately $350 million in transactions made to crypto wallet addresses were linked to ransomware attacks that took place in 2020, representing a 311% increase from the previous year.
2020 also accelerated the growth of Ransomware-as-a-Service (RaaS) offerings, with sophisticated groups on the underground expanding their operations and reach of attacks – as well as the damages. Protecting organizations from ransomware not only requires preemptive knowledge of imminent threats and the power to block or remediate, but also the ability to gain deeper understanding of the bigger picture: threat actors, their connections, motivations, and more.
While work-from-home accelerated digital transformation, it also exponentially increased organizations’ attack surface - and the potential of a breach.
The emergence of ransomware groups hosting dedicated leaks sites (DLS) has increased the leverage on victims by threatening to expose data in the event of a non-payment.
Decentralized affiliate networks continue to be a menace. As one group gets shut down or retires, affiliates transfer knowledge to the next - thus growing capabilities and best practices.
Know your RaaS
Every year, dark web actors sell access to millions of compromised endpoints and access over various remote protocols, such as RDP and webshells. Anyone can purchase access on these markets and with it, deploy ransomware, siphon system resources, harvest confidential information, and assume control of logged-in accounts. Cybersixgill detects and alerts its customers when their resources are being sold on these markets.
Get alerts as RaaS operators extending their reach and promoting their malware on the underground. Block, analyze and further investigate the bigger picture: actors, their TTPs, motivations, and social networks.
Leverage the first solution based on actors’ intent. Know which vulnerabilities will be targeted, get granular insights around emerging trends and hyper context on actors and their objectives.