cyber trends
organisations surveyed in this category saying they were hit by a significant attack in the previous year. At a global level, media, leisure and entertainment businesses in the private sector were most affected by ransomware, with 60% of respondents reporting attacks.
On the face of it, paying the ransom appears to be an effective way of getting data restored, but this is illusory.
Attackers increase pressure to pay
SophosLabs researchers have published a new report, Maze Ransomware: Extorting Victims for 1 Year and Counting, which looks at the tools, techniques and procedures used by this advanced threat that combines data encryption with information theft and the threat of exposure. This approach, which Sophos researchers have also observed being adopted by other ransomware families, like LockBit, is designed to increase pressure on the victim to pay the ransom. The new Sophos report will help security professionals better understand and anticipate the evolving behaviours of ransomware attackers and protect their organisations.
“An effective backup system that enables organisations to restore encrypted data without paying the attackers is business critical, but there are other important elements to consider if a company is to be truly resilient to ransomware,” added Wisniewski. “Advanced adversaries like the operators behind the Maze ransomware don’t just encrypt files, they steal data for possible exposure or extortion purposes. We’ve recently reported on LockBit using this tactic. Some attackers also attempt to delete or otherwise sabotage backups to make it harder for victims to recover data and increase pressure on them to pay. The way to address these malicious manoeuvres is to keep backups offline and use effective, multi-layered security solutions that detect and block attacks at different stages.”
www.intelligentciso.com | Issue 26