These IT skills, in the eyes of the user, would not include being able to effectively evaluate and put a stop to any potential cyber threats. Typically, exploiting less technologically skilled users would be the easiest pathway into a network, as most staff at companies outside of the IT industry will only learn the IT skills required to perform their job effectively. One method of reducing this possibility is by creating a plan based upon all the information available, and where there is a lack of information available, the gap must be filled. As such, extra precautions should be taken by organisations and enterprises to ensure they reduce their likelihood of becoming a ransomware victim.
Deep Instinct estimates that the total damage cost of ransomware in 2019 exceeded the predicted USD 11.5 billion, as well as stating that ransomware developers specifically targeted large enterprises due to their profitability. Although ransomware profits seem exorbitant, the cost of damages is even more astounding. The ransomware SamSam alone had netted its developers USD 6.5 million over the course of just under 2 years, with its highest single ransom payment recorded at USD 64,000.
In a 2018 study, researchers were able to trace an estimated USD 16 million in ransom payments through a two-year period from a potential 19,750 victims, with a further estimated total of over USD 25 million in payments between the years 20. With downtime having the largest financial impact when it comes to corporate IT utilisation, in conjunction with the threat of blackmail from stolen files, succumbing to the ransom demand becomes very appealing. The profitability of ransomware relies upon the willingness to pay the ransom, and when the cost of downtime is 23 times greater than the average ransom demand of USD 5900, it is no surprise that the ransomware industry continues to grow. Designed to hold the system or its contents hostage until a ransom is paid, they are particularly damaging to organisations due to the aforementioned consequences of downtime, making organisations much more lucrative targets. Cybercriminals have caught on to this and have begun to take advantage of the harm caused by data destruction and downtime by using a particular form of malware called ransomware. When IT systems stop functioning in business environments, companies can lose a large amount of money through non-utilised staff wages, missed opportunities, and reputational harm, with the average cost of downtime totalling $141,000. IT systems have immeasurably increased productivity in the modern workplace, and as a result, a dependency upon this has been created, so much so that “IT services are becoming a critical infrastructure, much like roads, electricity, tap water, and financial services”. There is no questioning that information technology (IT) and computing play an integral part in the day-to-day operations of enterprises and organisations in modern society. However, although the services remained operational, they became uniquely dysfunctional as ransomware encrypted the files pertaining to those services. The findings showed that none of the three variants stopped the processes and decidedly left all domain services untouched.
Our work outlines the practical investigation undertaken as WannaCry, TeslaCrypt, and Jigsaw were acquired and tested against several domain services.
Group ransomwhere 32m pagetechcrunch windows#
Dynamic analysis was performed using three ransomware variants to uncover how crypto-ransomware affects Windows Server-specific services and processes. Hence, we aim to increase the cyber situational awareness of organisations and corporations that utilise these environments. Despite the prevalence of ransomware as a threat towards organisations, there is very little information outlining how ransomware affects Windows Server environments, and particularly its proprietary domain services such as Active Directory. Organisations and enterprises have become prime targets for ransomware as they are more likely to succumb to ransom demands as part of operating expenses to counter the cost incurred from downtime. Ransomware has become an increasingly popular type of malware across the past decade and continues to rise in popularity due to its high profitability.
0 kommentar(er)
