Ransomware is now a primary threat for businesses, and with the past year or so considered the “golden era” for operators, cybersecurity experts believe this criminal enterprise will reach new heights in the future.
According to Kela’s analysis of dark web forum activity, the “perfect” prospective ransomware victim in the US will have a minimum annual revenue of $100 million and preferred access purchases include domain admin rights, as well as entry into Remote Desktop Protocol (RDP) and Virtual Private Network (VPN) services.
Over the past few years, we’ve seen ransomware operators evolve from disorganized splinter groups and individuals to highly sophisticated operations, with separate teams collaborating to target everything from SMBs to software supply chains.
Ransomware infection is no longer an end goal of a cyberattack. Instead, malware families in this arena — including WannaCry, NotPetya, Ryuk, Cerber, and Cryptolocker — can be one component of attacks designed to elicit a blackmail payment from a victim organization.
Cisco Secure calls current ransomware tactics “double-extortion.” Victims will have their systems encrypted in one