General malware findings
Tired of ransomware attacks? While “ransomware fatigue” seems to be setting in across company environments, we have been seeing an all-time high of such attacks targeting enterprises. Attackers have been changing their distribution channels and are also targeting air-gapped environments. What may at first sight seem to be a known attack under a familiar name is in fact much more advanced and enhanced. The “Emotet” of 2018, for example, is not the “Emotet” we deal with today. Because of this enhancement in methodology, all businesses, no matter their size or organizational sophistication, may fall victim to such attacks.
Ransomware operators take evasive tactics to a new level and continuously find ways to bypass behavioral anti-ransomware tools. A protection strategy built solely on endpoint detection and response (EDR) and artificial intelligence has therefore become insufficient. Human intelligence is needed to detect and neutralize early indicators of ongoing advanced attacks.
The most sophisticated ransomware recently has been “WastedLocker”, which silently tries to spend as much time in company networks as possible in order to cause as much harm as possible. The top 3 most popular intrusion methods are unsecured RDP endpoints, email phishing and the exploitation of corporate VPN appliances.