Please wait, authorizing ...

Don't have an account? Register here today.


3 Most Common Ways a Ransomware Attack Spreads

Ataque ransomware

International. Guardicore shared that cybercriminals, when spreading a ransomware attack, most often use emails, malicious URLs, and the remote desktop protocol.

According to a study by Guardicore (part of Akamai) "Ebook for 5-step ransomware defense, how to strengthen your defenses beyond the perimeter" a ransomware attack carries several extremely harmful consequences such as disruption in productivity, such as brand damage and loss of customer loyalty, among others.

Such damages were estimated to happen every eleven seconds in 2021 and cost $20,000 dollars. Meanwhile, the average cost of a ransomware payment is $84,000 and the average downtime left by this type of incident to a company is 16.2 days.

Considering the overflowing growth of ransomware-type cyberattacks in recent years, Oswaldo Palacios, Senior Account Executive for Guardicore, opined that one of the weaknesses in the cybersecurity strategies of the organizations that most exploit attackers is the lack of east-west visibility in data centers.

- Publicidad -

Likewise, he added that lateral movements are rarely detected in a timely manner, a matter of knowledge of ransomware developers, who take advantage of security weaknesses and gain access to critical assets, due to that lack of visibility and segmentation.

The Guardicore expert was emphatic that the most used way for the spread of ransomware in a company is still email, because having weaknesses of the protocol, it is taken advantage of that it is relatively simple to confuse the user by saying that he has a package pending delivery, a rejected purchase or striking names.

Ataque ransomware por email

3 Most Common Ways to Introduce and Spread Ransomware
In the words of Oswaldo Palacios, the common techniques to generate and spread a cyberattack using malware are:

1. Emails: These emails can be general or involve spear phishing tactics that tailor content to a specific organization or person, hoping it will provoke an interaction, such as opening an attachment or clicking on a link, and giving bad actors a vehicle to deliver malware.

2. Malicious URLs: Malicious URLs commonly appear in phishing campaigns, but they can also be embedded in a website or anywhere a user can click. In the case of ransomware, after the target interacts with the URL, the malware will often attempt to self-install on the victim's machine, where it can begin to spread and spread to multiple assets.

3. Remote Desktop Protocol: The use of virtual desktop infrastructure (VDI) has become a fast-growing attack surface. A significant VDI risk includes the fact that all infrastructure and applications are often located on the same server. If an attacker can successfully introduce malicious software, it can be difficult to detect it until it is too late.

- Publicidad -

Palacios also assured that the active directories and critical applications are among the most attacked points, since there resides the information of the users such as their permissions, accesses and privileges within the company. That is why once an attacker has taken possession of the active directory, the access of the users to the business applications will be compromised, causing a total or partial affectation in the operation.

Defense against ransomware
In that sense, the expert commented that one of the best defenses against ransomware is to avoid lateral movement within its perimeter, an issue that can be difficult to perform for traffic from east to west with traditional firewalls.

He also stressed that while some segmentation is achieved using VLANs, it is often broad and not exactly the most agile approach when you need to isolate assets on the fly, as in the case of a successful breach.

Oswaldo Palacios - Guardicore

"You can't protect what you can't see; therefore, companies need a tool that gives them complete visibility into all data center communications, not only incoming or outgoing from the perimeter, but those that exist within networks and that by not being visible by firewalls can result in threats moving laterally."

Finally, the executive assured that there are cybersecurity tools such as microsegmentation that gives visibility at the process level within the servers, allowing segments so small as to allow or deny communication between processes of an asset.

Iris Montoya Ricaurte
Author: Iris Montoya Ricaurte
Periodista con amplia experiencia en corrección de estilo y generación de contenidos de valor para el sector especializado - [email protected]

No thoughts on “3 Most Common Ways a Ransomware Attack Spreads”

• If you're already registered, please log in first. Your email will not be published.

Leave your comment

In reply to Some User
Suscribase Gratis

Entrevista a Juan De La Vega, More Security

Durante ESS+ hablamos con Juan De La Vega, representante de la empresa colombiana More Security, la cual hace parte del grupo de compras, ConsorcioTec, y que estuvo en la feria ofreciendo sus servicios para los usuarios finales de la industria de la seguridad. #VentasdeSeguridad #SoyIntegrador #seguridadelectrónica #videovigilancia #GPS

Entrevista a Juan Pablo Rodríguez, de Geovictoria

En el marco de la Feria Internacional de Seguridad de Bogotá ESS+ recibimos en nuestro stand a Juan Pablo Rodríguez Puido, de la empresa GeoVictoria, quien nos habló de las soluciones de software para la gestión de personal y el control de asistencia, que exhibieron durante el evento. #VentasdeSeguridad #gestión #software #personal #seguridad

Entrevista a Jason de Souza, de Hanwha Vision

Hablamos con Jason de Souza, vicepresidente senior para América Latina de Hanwha Vision LATAM, quien nos contó, en la Feria Internacional de Seguridad de Bogotá ESS+, la manera en que la compañía viene aprovechando la Inteligencia Artificial para implementarlo en sus soluciones, las cuales también se integran en las ciudades inteligentes. ¡No se pierdan la entrevista! #VentasdeSeguridad #cctv #videovigilancia #IoT #analítica

Entrevista a Mauricio Arriola, de Genetec

Genetec Latam fue otra de las compañías que participó como exhibidora en la Feria Internacional de Seguridad de Bogotá ESS+. Recibimos en nuestro stand a Mauricio Arriola Guerrero, Regional Sales manager, con quien hablamos de Inteligencia Artificial, innovaciones en VMS y todo lo que la marca ofrece para el mercado de la región. #VentasdeSeguridad #VMS #Colombia #videovigilancia #monitoreo

Entrevista a Mauricio Swain, de Milestone

Mauricio Swain, director de ventas para Latinoamérica de Milestone Systems, estuvo en el stand de Ventas de Seguridad para conversar un poco sobre el reciente lanzamiento de R2, la nueva versión de su solución VMS XProtec y cómo se adapta a las nuevas necesidades en seguridad para Colombia y América Latina. No se pierda esta entrevista desde la Feria Internacional de Seguridad de Bogotá ESS+. #VentasdeSeguridad #VMS #software #videovigilancia #smartcities #monitoreo #InteligenciaArtificial
Load more...

Latest Newsletter