In Australia, the head of the local intelligence
agency was recruited to inform universities about
cyber threats and ways of prevention. This was
one of the initiatives put in place after an
extremely sophisticated threat actor
compromised the Australian National University
(ANU) and persisted within the university’s
network for months at a time.
Small targets, end-users not safe
Although there has been a continued shift toward
higher profile targets, ransomware attacks
against average end-user remain steady.
This year SonicWall found that ransomware
operators are more willing to chat and negotiate
with their victims. In fact, SonicWall has studied
ransomware crime groups and operators via
several live conversations, including one well-documented, two-week dialog with a Russian ransomware cell.
Most interactions between victim and operator is via email, but everything from Telegram to builtin, custommade chat applications are being used to contact victims for payment.
The past 12 months have also seen an increase in sextortion scams, where
attackers claim to have obtained highly sensitive personal information — usually
images — of their victims.
These attacks take the form of a simple email claiming that personal information or
photos will be released to the victim’s contacts if the ransom demand is not met. In most cases, the false claims are scare tactics and no security compromise or malware
have been used.
SonicWall also observed that cybercriminals favor using readily available ransomware kits for their attacks. Like SonicWall highlighted in the 2019 mid-year report, the most
detected ransomware are variants available
via ransomware-as-a-service (RaaS) offerings.
Other popular options include ransomware
apps that are based on open-source code.
See how the experts at CisCom can help you with this and more!
Blog content for the Sonic Wall Cyber Threat Report series provided by our partners at SonicWall.