Ransomware: This gang is getting a lot quicker at encrypting networks

A highly successful and aggressive ransomware gang is getting even faster at encrypting networks as they look to extort ransom payments from as many victims as possible.   

Researchers at Mandiant examined ransomware attacks by a cyber-criminal group they refer to as FIN12 – responsible for one in five attacks investigated by the cybersecurity company – and found that there’s been a significant decrease in the amount of time between initially breaking into networks and their encryption with ransomware, most commonly Ryuk ransomware

ZDNet Recommends

According to data published in Mandiant’s M-Trends 2022 report, the average dwell time of FIN12 campaigns – the amount of time between criminal hackers gaining initial access to the network and triggering the ransomware attack – has dropped from five days to less than two days.  

SEE: Cloud security in 2022: A business guide to essential tools and best practices

One of the reasons the life cycle of these attacks has been so heavily reduced is because FIN12 campaigns don’t focus on finding sensitive data and stealing it before triggering a ransomware attack.  

Searching for and stealing data has become a common tactic for many ransomware groups, who in addition to encrypting

Read More: https://www.zdnet.com/article/ransomware-this-gang-is-getting-a-lot-quicker-at-encrypting-networks/#ftag=RSSbaffb68