FEATURE : ENDPOINT SECURITY
millions of cybercriminals who previously didn ’ t have the tools to carry out these attacks . Compounding these risks is the adage of affiliate programs for ransomware groups , providing new and unique ways for malware operators to have others deploy their payloads for a cut of the eventual profits .
Throughout 2020 , we have seen expansions in the use of ransomware with some threat actors repurposing ransomware for use as pure wipers , wherein the decryption keys will be able to recover the lost data , and more recently in Denial-of-Service ( DoS ) attacks , impacting core services that citizens rely on every day . There is no sign of these groups slowing down . In fact , a ransomware payload to infect targets . Today , it ’ s unfortunately just as easy to sign up for a grocery delivery service as it is to subscribe to ransomware .”
Top five ransomware families of 2020
The top five ransomware families used to target VMware Carbon Black healthcare customers in 2020 were identified as :
Cerber ( 58 %) Cerber ransomware is a type of malware ( malicious software ) that encrypts your files and then holds them hostage , demanding a ransom payment in exchange for returning them to you .
IT ’ S UNFORTUNATELY JUST AS EASY TO SIGN UP FOR A GROCERY DELIVERY SERVICE AS IT IS TO SUBSCRIBE TO RANSOMWARE .
we are witnessing the exact opposite , with groups beginning to collaborate at an unprecedented scale , share stolen resources and even combine forces .
“ COVID-19 test results are a hot commodity on the Dark Web right now , mostly in the form of large data dumps ,” said Foss . “ An interesting component around today ’ s ransomware attacks is that underqualified , lesser-known cybercriminal groups are behind them thanks to the rise in RaaS . All it takes is a quick search on the Dark Web for someone to license out
Sodinokibi ( 16 %) Sobinokibi ransomware is highly evasive and takes many measures to prevent its detection by antivirus and other means .
VBCrypt ( 14 %) VBCrypt is a malicious program that is unable to spread of its own accord . It may perform a number of actions of an attacker ’ s choice on an affected computer . This virus targets Windows programs .
Cryxos ( 8 %) Cryxos Trojans display deceptive alerts / notifications on compromised or malicious websites . The notifications claim that the user ’ s computer is infected with a virus ( or viruses ), is blocked and some personal details have been stolen .
VBKrypt ( 4 %) The VBKrypt malware family is written in the Visual Basic programming language , which is its main distinguishing trait from other malware families . Based on the specific variant , the trojan may drop files , write to the registry and perform other unauthorized actions on the affected computer system .
Foss said : “ As RaaS explodes in popularity on the crimeware forums , cybercriminals are finding new and unique ways to deploy ransomware across
54 INTELLIGENTCIO APAC www . intelligentcio . com