Kaspersky explained at length the true nature of ransomware, and its operators, through its new published report.
Like any industry, ransomware comes in different forms and comprises many players that take on various roles. Kaspersky compares it to the world of Guy Ritchie’s “The Gentlemen.” There are several different actors – developers, botmasters, access sellers, ransomware operators – involved in most attacks, supplying services to each other through dark web marketplaces.
These groups are clustered together with one goal to profit. They target organizations that are vulnerable to cyber threats or ones that they can gain easier access to. This means the target is applied to any organization or even individuals, which is why the unscrupulous operation should be deal with seriously.
The ransomware ecosystem is a complex one with many interests at stake. It is a fluid market with many players, some quite opportunistic, some – very professional and advanced. They do not pick specific targets, they may go after any organization – an enterprise or a small business, as long as they can gain access to them. Moreover, their business is flourishing, it is not going away anytime soon.
-Dmitry Galov, security researcher at Kaspersky’s Global Research and Analysis Team.
For this reason, Kaspersky encourages all organizations to know more about its nature and how it operates. To learn more, read the full report here.
As side tips, the cybersecurity company also enlist these best practices to help safeguard their businesses against ransomware:
- Always keep software updated on all the devices you use, to prevent attackers from infiltrating your network by exploiting vulnerabilities.
- Focus your defense strategy on detecting lateral movements and data exfiltration to the internet. Pay special attention to the outgoing traffic to detect cybercriminals’ connections. Set up offline backups that intruders cannot tamper with. Make sure you can quickly access them in an emergency when needed.
- Enable ransomware protection for all endpoints. There is a free Kaspersky Anti-Ransomware Tool for Business that shields computers and servers from ransomware and other types of malware, prevents exploits and is compatible with already installed security solutions.
- Install anti-APT and EDR solutions, enabling capabilities for advanced threat discovery and detection, investigation and timely remediation of incidents. Provide your SOC team with access to the latest threat intelligence and regularly upskill them with professional training. All of the above is available within the Kaspersky Expert Security framework.