BUSINESSTECHNOLOGY

Kaspersky Reveals 5 Game-changing Ways Ransomware Gangs Play Today

Share
Before publishing information, ransomware gangs study the contacts of the company and identify well-known customers, partners and competitors. Kaspersky experts state that the main purpose of this is to maximise target damage, to intimidate victims and to increase the chances of getting a ransom.
Before publishing information, ransomware gangs study the contacts of the company and identify well-known customers, partners and competitors. Kaspersky experts state that the main purpose of this is to maximise target damage, to intimidate victims and to increase the chances of getting a ransom.
Share

Over the past few years, the methods cybercriminals use to distribute ransomware has changed dramatically. While a few years ago, they would spread encrypted files on a large scale, today, their ransomware attacks have become more focused. Now, fraudsters examine the target in detail and research each target, looking for additional leverage. Infamous ransomware gangs behave like a fully-fledged online service provider, using traditional marketing techniques. Kaspersky experts have identified five clear examples of this transformation, using the Darkside ransomware gang as an example.

#1 Darkside actively establishes contact with the press

On their website, there’s a semblance of a press center set up to enable journalists to ask questions and receive first-hand information, and to learn about upcoming publications of stolen information in advance. In fact, DarkSide operators strive to get as much resonance in the networks as possible.

#2 Ransomware groups collaborate with decryption companies

This is evident because many state-owned companies are prohibited from entering negotiations with cybercriminals. This has created a demand for such intermediaries, who provide legitimate data decryption services.

#3 Darkside claims to donate part of their income to charity

Thus, they show those who do not want to finance crime, that some of their money will go to a good cause. However, some charities are prohibited from accepting illicit money, and such payments would be frozen.

#4 The cybercriminals now carefully analyse stolen data and the market

Before publishing information, they study the contacts of the company and identify well-known customers, partners and competitors. Kaspersky experts state that the main purpose of this is to maximise target damage, to intimidate victims and to increase the chances of getting a ransom.

#5 The Darkside ransomware gang now has its own code of ethics, just like real enterprises do

They claim to never attack medical companies, funeral services, educational institutions, non-profit organisations, or government companies.

“We’ve witnessed a massive transformation in how ransomware gangs play in the market nowadays. The only reason for this shift is their immense profit. Today, cybercriminals have more funds than ever before, which they can invest in market analysis, and work with partners, journalists, and charities. To defeat them, we need to cut off their financial flows, and namely, to stop paying ransoms,” comments Roman Dedenok, security expert at Kaspersky.

How to Protect Your Business

In order to protect business data from ransomware attacks, Kaspersky recommends:

  • Installing only applications obtained from reliable sources from official websites
  • Always have fresh back-up copies of your files, so you can replace them in case they are lost (e.g. due to malware or a broken device). Remember to store them, not only on the physical object, but also in the cloud for greater reliability. Make sure you can quickly access them in an emergency
  • Paying more attention to digital literacy inside the company. For example, by introducing cybersecurity awareness training for your employees
  • Installing all security updates as soon as they are available. Always update your operating system and software to eliminate recent vulnerabilities
  • Carrying out a cybersecurity audit of your networks and remediating any weaknesses discovered in the perimeter or inside the network
  • Enabling ransomware protection for all endpoints. There is a free Kaspersky Anti-Ransomware Tool for Business that shields computers and servers from ransomware and other types of malware. It also prevents exploits, and is compatible with security solutions that are already installed
  • Remembering that ransomware is a criminal offence. If you become a victim, never pay the ransom. It won’t guarantee that you will get your data back, but it will encourage criminals to continue their business. Instead, report the incident to your local law enforcement agency. Try to find a decryptor on the internet
Written by
BUSINESS TODAY -

editor [at] businesstoday.co.ke

Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

WHAT YOU NEED TO KNOW IN POLITICS

FOLLOW US ON SOCIAL MEDIA

Related Articles
Creating strong passwords
TECHNOLOGY

How To Create Unbreakable Passwords

Unbreakable Passwords: Despite their enormous importance, there are still a high number...

In a statement, Naivas disclosed that it had engaged cybersecurity firm CrowdStrike following a data breach. [Photo/ RMS]
BUSINESSFEATURED STORY

Explained: How Ransomware Attacks Work, as KAA, Naivas Hit

With cyberattacks on the increase in Kenya, businesses of all sizes face...

A smartphone user.
TECHNOLOGY

Five Healthy Digital Habits For 2023

Early January is a great time to start using healthy digital habits...

A cybercriminal at work.
FEATURED STORY

Malicious Spam Campaign Targeting Organisations Grows 10-fold In A Month

Kaspersky has unveiled a significant spike in activity from a malicious spam-email...