Microsoft has revealed it is tracking more than 100 threat actors deploying ransomware (opens in new tab) against businesses around the world.
In a recent Twitter thread (opens in new tab) , the company discussed the current state of ransomware, saying the Ransomware-as-a-service (RaaS) ecosystem continues evolving and expanding.
The threat actors (of which the company tracks more than 100) are bringing "varying techniques, goals, and skillsets" to the fray. Right now, more than 50 unique ransomware families are active and in use, the company said.
Focusing on the build-up
While phishing remains the number one way for hackers to deliver ransomware payloads to victims, they're "increasingly" relying on other techniques, as well, Microsoft added.
Among others, they're using malicious ads to deliver victims to websites hosting ransomware and other malware. Some are looking to exploit recently patched vulnerabilities, in hopes that their targets did not get the chance to apply the patch on time. Others are trying to distribute malware that poses as software updates.
Among the most popular ransomware variants these days are Lockbit Black, BlackCat (aka ALPHV), Play, Vice Society, Black Basta, & Royal.
To defend against ransomware, Microsoft says, businesses should not focus on these payloads. Instead, they should focus on the "chain of activities" that lead to the final compromise. In other words, businesses need to make sure their endpoints are always updated with the latest patches, and that their employees are well-trained and always on the lookout for a potential phishing attack.
In phishing attacks, emails usually carry a sense of urgency, demanding the user to immediately download and run a file, or visit a website. Most popular phishing themes include a DHL parcel pending delivery, an unpaid invoice, or similar.
However, that doesn't mean businesses should not deploy malware protection and other cybersecurity solutions. A solid backup solution is a must, in the combat against ransomware, as well as a firewall and an antivirus solution.
- Keep your business safe with the best endpoint protection for small business (opens in new tab)
- CNN team was tracked by Russian operatives in Central African Republic, Bellingcat investigation shows
- New US Justice Department team aims to disrupt ransomware operations
- Microsoft makes Teams consumer features generally available
- Is This Ukrainian Company The Source Of The 'NotPetya' Ransomware Explosion?
- What we know about the pipeline ransomware attack: How it happened, who is responsible and more
- Security News This Week: FBI Head Compares Ransomware Threat to 9/11
- FBI director sees 'parallels' between challenge posed by ransomware attacks and 9/11
- Ransomware is now a national security risk. This group thinks it knows how to defeat it
- DOJ signals plans to coordinate anti-ransomware efforts with the same protocols as it does for terrorism
- An Ambitious Plan to Tackle Ransomware Faces Long Odds
- First on CNN: US recovers millions in cryptocurrency paid to Colonial Pipeline ransomware hackers
- This ransomware-spreading malware botnet just won't go away
- Russian Ransomware Group Claims Credit for Cyber Attack on D.C. Metro Police
- Ransomware Hits a Food Supply Giant—and Underscores a Dire Threat
- Ransomware: Survive by outrunning the guy next to you
- Four key takeaways on the US government response to the pipeline ransomware attack
- Ransomware Hacker Skills Now As Good or Better Than Countries, Expert Says
- Microsoft says it took down 94% of TrickBot's command and control servers
- Fujifilm becomes latest ransomware victim as White House urges business leaders to take action
- FBI director draws 'parallels' between ransomware attacks and 9/11
Microsoft's security team says it's tracking over 100 ransomware actors have 600 words, post on www.techradar.com at February 1, 2023. This is cached page on TechNews. If you want remove this page, please contact us.