Cybercrime as a Service: The New Reality
In the past few weeks and months we’ve seen several successful Ransomware attacks -- from the Microsoft Exchange hack, to Print Nightmare and now the Kaseya attack among many others. Cyber criminals are using a wide variety of methods to break your small business security practices to insert malicious software –like Ransomware-- on to your network.
These recent attacks show how hackers are not just targeting data-rich companies such as retailers, banks and insurers – but essential-service providers such as IT services providers, manufacturers, transport operators and food companies, putting you, your customers and partners at a heightened risk.
And these cybercriminals are getting more sophisticated in how and when they attack. Leveraging a wide variety of attack methods from phishing attacks to supply-chain attacks, DOS, SQL injections, Social Engineering, Man in the Middle, Zero Day, the list goes on.
Cybercriminals recognize that businesses close or are short staffed over the weekends and on holidays, making it a great time to slide under the radar and into your network. It is not a coincidence. It is intentional and quite frankly very smart.
You’ve likely heard of software as a service (SaaS), infrastructure as a service (IaaS), and numerous other “as-a-service” platforms that help support the modern business world. What you may not realize is that cybercriminals often use the same business concepts and service models in their own organizations as regular, non-criminal enterprises. While this may have started several years ago, the tactic has continued to grow with today’s criminals taking advantage of easy-to-access solutions.
Despite FBI recommendations, businesses are still paying the ransom to restore operations because they don’t have any other choice. The Colonial Pipeline attack back in June paid $4.4 million to regain control of their operations. Likewise, JBR meatpacking company paid $11 million in bitcoin.
As you can see, Ransomware is a lucrative business. Cybercriminals are now selling their Ransomware attack methods on the dark web as a cybercrime as a service! Every time a ransom payment is made it legitimizes what they’re doing.
What can be done to stop these cybercriminals in their tracks and protect your business from the evolving threats out there today?
Watch ANP's latest webinar on demand: Combating the Ransomware Epidemic and get into the mind of a cybercriminal for a mock cyber attack as we share with you the most dangerous IT practices that will result in Ransomware and the top 5 things you must do today to better protect your business.