This post (post 2 of 3) considers what is driving this drastic spike in ransomware attacks and the hacker ecosystem.
Here are a few insightful hi-lights from an article titled, “For cyber terrorists, business has been booming during Covid pandemic,” published on August 15th of this year in The Print:
- 20 percent increase – 121.4 million assaults globally – first half of this year
- Employees are coming back to work with infected computers
- Manufacturing companies are more susceptible “…they aren’t able to go offline even for just a few days.”
- Cyber attack groups vary – some hit 4-5 companies a day for a quarter-million dollar payout and move on – others go for the $10 million dollar score
- Hackers ecosystem – some groups facilitate attacks – other hackers are for hire – and other hacker groups only dispose of Bitcoin
- Every single infected computer has its own decryption key
- Need to often go back to hacker for help to get decryption to work
- Hackers deal with so many victims they sometimes get confused and give the wrong decryption keys to the wrong victims
- Some hackers are completely inept, so, ironically, if you’re attacked, you want to be attacked by a technically proficient hacker
- There’s been a move away from hackers using Bitcoin.
- Law enforcement is becoming more proficient at tracing Bitcoin payments
The next and final post will review in more detail the pattern of these attacks, and what victims and security professionals are suggesting as ways to respond.
Disclaimer: IPPIBlog.com is offered as a service to the professional IP community. While every effort has been made to check information in this blog, we provide no guarantees or warranties, express or implied, with regard to content provided in IPPIBlog.com. We disclaim any and all liability and responsibility for the qualification or accuracy of representations made by the contributors or for any disputes that may arise. It is the responsibility of the readers to independently investigate and verify the credentials of such person and the accuracy and validity of the information provided by them. This blog is provided for general information purposes only and is not intended to provide legal or other professional advice.