Saturday 18 September 2021
 
»
 
»
Story

Mohammed Al-Moneer

One of the ‘worst years for ransomware’

DUBAI, August 5, 2021

This year has turned out to be one of the worst years for ransomware, says Infoblox in its Quarterly Cyberthreat Intelligence Report for Q2 2021. 
 
Approximately 10% of all breaches now involve ransomware. The impact and expense of successful ransomware attacks can be crippling to an organisation. 
 
The recent attacks on JBS and Colonial Pipeline have once again brought focus to the danger of increasingly sophisticated ransomware campaigns.
 
The estimated payments in 2020 associated with ransomware have been estimated to be about $370 million in cryptocurrency. Ransomware costs are not just about the ransom payouts. The total damage associated with ransomware is estimated to be much higher than the cryptocurrency payouts—perhaps $20 billion. 
 
The report overviews the ransomware-as-a-service process flow and the primary channels of distribution, as well as provide deep coverage of ransomware campaigns where we have previously done original research. The report includes information on the NIST cybersecurity framework profile for ransomware risk management, and the CISA new ransomware readiness assessment, both published by these government agencies in June of this year.
 
The report reviews the new and recently emerged malware variants and trends, how these differ from other variants we have seen in the past, and defensive tactics and best practices that work. Included in the report is coverage of the company’s published research and cyberthreat advisories on the following campaigns:
Malspam Campaign Spoofing Waybill Delivers Nanocore Rat - June 28, 2021
Hancitor Downloads Infostealers - June 22, 2021 
Shathak Pushes IcedID Banking Trojan - June 9, 2021
RemcosRAT Malspam Campaign Spoofs UAE Machinery Company Correspondence - June 2, 2021
Cyberthreat Advisory - Nobelium Campaigns and Malware - June 2, 2021
Graftor Adware Still Circulating - May 27, 2021
Biotech-Themed Malspam Drops BitRAT - May 18, 2021
Cyberthreat Advisory: DarkSide Ransomware Attack on Colonial Pipeline - May 13, 2021
Malspam Delivering Agent Tesla Keylogger Spoofs Oil & Gas Co. Messages - May 12, 2021
Cyberthreat Advisory: FiveHands Ransomware - May 10, 2021
Polish Language Malspam Campaign Delivers AveMaria Infostealer - May 3, 2021
Post-Takedown Trickbot Activity - April 28, 2021
Spoofed Vehicle Purchase Invoice Malspam Drops Formbook Infostealer - April 16, 2021
Agent Tesla Malspam Campaign Spoofs Bank Correspondence - April 13, 2021
Italian Economic Support-Themed Malspam Delivers Ursnif Banking Trojan - April 1, 2021
 
GUIDANCE ON DNS SECURITY
DNS is key to the foundational security stack in the public sector. The NSA and CISA have gone on record in 2021 with guidance recommending that every agency, organisation and enterprise leverage the existing DNS protocol and architecture by using a protective DNS (PDNS) service. 
 
Infoblox foundational security using BloxOne Threat Defence provides very comprehensive DNS security capability. Infoblox received 100% of the performance score based upon the criteria defined by NSA.
 
Mohammed Al-Moneer, Regional Director, META Region at Infoblox says: “The Q2 2021 Cyber Threat Intelligence Report provides detailed analysis on the most pressing risks and cyber threats facing business organisations today. For IT security professionals, the report delivers important news on the evolving methodologies and technologies attackers are using to breach defenses. Just as importantly, it details the measures law enforcement is bringing to bear to combat the ransomware wave that’s plagued international businesses and non-profits in recent years. Accurate intelligence about timely, relevant threats enables an organisation to make thoughtful, targeted improvements to its defenses and lower its risk.”-- TradeArabia News Service
 



Tags:

More IT & Telecommunications Stories

calendarCalendar of Events

Ads