Kaspersky has reported a spike in ransomware attacks targeted at larger businesses.
The increase in such attacks is down to their simplicity and high returns, said Kaspersky senior malware analyst Anton Ivanov.
In particular, attackers can use open source software to make their own encryptors "without making any special effort", he said in a blog post.
"A vivid example is the Mamba encryptor based on DiskCryptor, an open source software," he explained. "Some cybercriminal groups do not even take the trouble of involving programmers; instead, they use this legal utility 'out of the box'."
Ivanov said attackers have a three-step process: find an organisation with an unprotected server with RDP access; guess or buy the password; encrypt a node or server.
"The cost to organise such an attack is minimal, while the profit could reach thousands of dollars," he said.
Of course, not all attacks are so basic, he added, saying "true professionals are also active on the playing field", taking the time to carefully select targets and plan attacks that will last for weeks.
Regardless of the skill of the attackers, companies have to take a few key steps to protect their networks. That includes constantly backing up all servers, audit all nodes and servers to update outdated software, and protect all types of remote access.
The security firm noted the increase as it revealed more organisations have joined its No More Ransom project, designed to offer help to ransomware victims via free unlock tools, so people don't need to pay out to get their data back hopefully discouraging attacks in the future.
-
Windows 10: Six essential steps IT teams should take over the next two monthsIndustry Insights With Windows 10 support ending soon, IT leaders must act now to mitigate risk
-
New chapter, same partners: Keeping the channel aligned with changeIndustry Insights How to maintain strong channel partnerships amid evolving strategies and market change
-
The Scattered Spider ransomware group is infiltrating Slack and Microsoft Teams to target vulnerable employeesNews The group is using new ransomware variants and new social engineering techniques - including sneaking into corporate teleconferences
-
Hackers breached a 158 year old company by guessing an employee password – experts say it’s a ‘pertinent reminder’ of the devastating impact of cyber crimeNews A Panorama documentary exposed hackers' techniques and talked to the teams trying to tackle them
-
The ransomware boom shows no signs of letting up – and these groups are causing the most chaosNews Thousands of ransomware cases have already been posted on the dark web this year
-
Everything we know about the Ingram Micro cyber attack so farNews A cyber attack on Ingram Micro severely disrupted operations and has been claimed by the SafePay ransomware group.
-
A prolific ransomware group says it’s shutting down and giving out free decryption keys to victims – but cyber experts warn it's not exactly a 'gesture of goodwill'
News The Hunters International ransomware group is rebranding and switching tactics
-
Swiss government data published following supply chain attack – here’s what we know about the culpritsNews Radix, a non-profit organization in the health promotion sector, supplies a number of federal offices, whose data has apparently been accessed.
-
Ransomware victims are getting better at haggling with hackersNews While nearly half of companies paid a ransom to get their data back last year, victims are taking an increasingly hard line with hackers to strike fair deals.
-
LockBit data dump reveals a treasure trove of intel on the notorious hacker groupNews An analysis of May's SQL database dump shows how much LockBit was really making
