Ransomware attacks on businesses are spiking, says Kaspersky

Security company says easy-to-use tools make ransomware attacks easier to run

Kaspersky has reported a spike in ransomware attacks targeted at larger businesses.

The increase in such attacks is down to their simplicity and high returns, said Kaspersky senior malware analyst Anton Ivanov.

In particular, attackers can use open source software to make their own encryptors "without making any special effort", he said in a blog post

"A vivid example is the Mamba encryptor based on DiskCryptor, an open source software," he explained. "Some cybercriminal groups do not even take the trouble of involving programmers; instead, they use this legal utility 'out of the box'."

Ivanov said attackers have a three-step process: find an organisation with an unprotected server with RDP access; guess or buy the password; encrypt a node or server.

"The cost to organise such an attack is minimal, while the profit could reach thousands of dollars," he said.

Of course, not all attacks are so basic, he added, saying "true professionals are also active on the playing field", taking the time to carefully select targets and plan attacks that will last for weeks.

Regardless of the skill of the attackers, companies have to take a few key steps to protect their networks. That includes constantly backing up all servers, audit all nodes and servers to update outdated software, and protect all types of remote access.

The security firm noted the increase as it revealed more organisations have joined its No More Ransom project, designed to offer help to ransomware victims via free unlock tools, so people don't need to pay out to get their data back hopefully discouraging attacks in the future.

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Recommended

Best ransomware removal tools
ransomware

Best ransomware removal tools

16 Dec 2020
BEC scammers using Google Forms to identify easy victims
phishing

BEC scammers using Google Forms to identify easy victims

21 Jan 2021
Weekly threat roundup: SAP, Windows 10, Chrome
vulnerability

Weekly threat roundup: SAP, Windows 10, Chrome

21 Jan 2021
Biden nominees highlight tough cyber security challenges
cyber security

Biden nominees highlight tough cyber security challenges

20 Jan 2021

Most Popular

SolarWinds hackers hit Malwarebytes through Microsoft exploit
hacking

SolarWinds hackers hit Malwarebytes through Microsoft exploit

20 Jan 2021
How to recover deleted emails in Gmail
email delivery

How to recover deleted emails in Gmail

6 Jan 2021
What is a 502 bad gateway and how do you fix it?
web hosting

What is a 502 bad gateway and how do you fix it?

12 Jan 2021