A brand new report from Arctic Wolf has discovered that 96% of ransomware assaults now contain knowledge theft as criminals search to pressure victims to pay up.
“As potential victims carried out extra dependable backup and restoration processes, ransomware operators launched knowledge exfiltration as a way to use extra strain and shield their income streams,” Arctic Wolf says.
The researchers word that even when the sufferer pays the ransom, there’s no option to assure that the risk actor gained’t retailer the stolen knowledge for future use or promote it discreetly on the underground market.
The report additionally discovered that organizations within the finance and insurance coverage sector are being bombarded by enterprise e mail compromise (BEC) assaults.
“The finance and insurance coverage trade accounted for 26.5% of BEC IR instances, roughly double the second-place trade (authorized and authorities, at 13.3%),” the report says. “Actually, BEC accounted for 53% of IR instances pertaining to finance and insurance coverage — the one trade for which BEC outnumbered ransomware. Clearly, organizations that frequently trade cash and course of cost particulars over e mail are within the crosshairs of BEC assaults.”
Arctic Wolf notes that BEC assaults are fueled by social engineering, which permits attackers to bypass technical safety measures.
“Phishing affords the trail of least resistance within the BEC context, as a well-crafted e mail can trick a sufferer into performing actions that profit the attacker — whether or not immediately fulfilling the objective (e.g., transferring funds) or executing an middleman step (e.g., offering credentials that the attacker can subsequently abuse),” the researchers write.
“However word, additionally, the numerous contribution of beforehand compromised account/credentials. These are instances by which a risk actor stole, purchased, or discovered credentials and used these to log in to some software or system inside the IT surroundings. In some instances, they merely logged in to the e-mail service itself.”
KnowBe4 empowers your workforce to make smarter safety choices daily. Over 70,000 organizations worldwide belief the KnowBe4 platform to strengthen their safety tradition and scale back human danger.
Arctic Wolf has the story.