BUSINESSTECHNOLOGY

Kaspersky Reveals 5 Game-changing Ways Ransomware Gangs Play Today

Share
Before publishing information, ransomware gangs study the contacts of the company and identify well-known customers, partners and competitors. Kaspersky experts state that the main purpose of this is to maximise target damage, to intimidate victims and to increase the chances of getting a ransom.
Before publishing information, ransomware gangs study the contacts of the company and identify well-known customers, partners and competitors. Kaspersky experts state that the main purpose of this is to maximise target damage, to intimidate victims and to increase the chances of getting a ransom.
Share

Over the past few years, the methods cybercriminals use to distribute ransomware has changed dramatically. While a few years ago, they would spread encrypted files on a large scale, today, their ransomware attacks have become more focused. Now, fraudsters examine the target in detail and research each target, looking for additional leverage. Infamous ransomware gangs behave like a fully-fledged online service provider, using traditional marketing techniques. Kaspersky experts have identified five clear examples of this transformation, using the Darkside ransomware gang as an example.

#1 Darkside actively establishes contact with the press

On their website, there’s a semblance of a press center set up to enable journalists to ask questions and receive first-hand information, and to learn about upcoming publications of stolen information in advance. In fact, DarkSide operators strive to get as much resonance in the networks as possible.

#2 Ransomware groups collaborate with decryption companies

This is evident because many state-owned companies are prohibited from entering negotiations with cybercriminals. This has created a demand for such intermediaries, who provide legitimate data decryption services.

#3 Darkside claims to donate part of their income to charity

Thus, they show those who do not want to finance crime, that some of their money will go to a good cause. However, some charities are prohibited from accepting illicit money, and such payments would be frozen.

#4 The cybercriminals now carefully analyse stolen data and the market

Before publishing information, they study the contacts of the company and identify well-known customers, partners and competitors. Kaspersky experts state that the main purpose of this is to maximise target damage, to intimidate victims and to increase the chances of getting a ransom.

#5 The Darkside ransomware gang now has its own code of ethics, just like real enterprises do

They claim to never attack medical companies, funeral services, educational institutions, non-profit organisations, or government companies.

“We’ve witnessed a massive transformation in how ransomware gangs play in the market nowadays. The only reason for this shift is their immense profit. Today, cybercriminals have more funds than ever before, which they can invest in market analysis, and work with partners, journalists, and charities. To defeat them, we need to cut off their financial flows, and namely, to stop paying ransoms,” comments Roman Dedenok, security expert at Kaspersky.

How to Protect Your Business

In order to protect business data from ransomware attacks, Kaspersky recommends:

  • Installing only applications obtained from reliable sources from official websites
  • Always have fresh back-up copies of your files, so you can replace them in case they are lost (e.g. due to malware or a broken device). Remember to store them, not only on the physical object, but also in the cloud for greater reliability. Make sure you can quickly access them in an emergency
  • Paying more attention to digital literacy inside the company. For example, by introducing cybersecurity awareness training for your employees
  • Installing all security updates as soon as they are available. Always update your operating system and software to eliminate recent vulnerabilities
  • Carrying out a cybersecurity audit of your networks and remediating any weaknesses discovered in the perimeter or inside the network
  • Enabling ransomware protection for all endpoints. There is a free Kaspersky Anti-Ransomware Tool for Business that shields computers and servers from ransomware and other types of malware. It also prevents exploits, and is compatible with security solutions that are already installed
  • Remembering that ransomware is a criminal offence. If you become a victim, never pay the ransom. It won’t guarantee that you will get your data back, but it will encourage criminals to continue their business. Instead, report the incident to your local law enforcement agency. Try to find a decryptor on the internet
Written by
BUSINESS TODAY -

editor [at] businesstoday.co.ke

Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Follow Us

Related Articles
Communications Authority Asks to Review Kenya’s Telecommunications Market Structure
TECHNOLOGY

Communications Authority Asks to Review Kenya’s Telecommunications Market Structure

The Communications Authority of Kenya (CA), the regulatory agency for the ICT...

kenya shilling vs dollar news
BUSINESSMARKETS

Kenya Shilling Stable Against Dollar, Lifted By Diaspora Remittances

The Kenya shilling remains stable against the U.S. dollar, supported by a...

Aga Khan University Hospital Biomass Project
BUSINESS

Aga Khan University Hospital Biomass Project Wins National Energy Globe Award

A Biomass boiler project commissioned by Aga Khan University Hospital, Nairobi (AKUH,...

Vivian Nalianya - Vivanet Solutions
BUSINESSENTERPRISE 101

Hellen Nalianya: Big Shift From Accounts Led to Instant Success in Tech World

After graduation, Hellen Nalianya interned at an audit firm for nine months...