{"id":7595,"date":"2020-09-29T21:34:29","date_gmt":"2020-09-30T04:34:29","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?p=7595"},"modified":"2023-04-05T12:42:53","modified_gmt":"2023-04-05T19:42:53","slug":"our-warning-in-2020-was-ignored-lack-of-cyber-hygiene-is-amplifying-ransomware-attacks-and-causing-havoc","status":"publish","type":"post","link":"https:\/\/10.42.32.162\/articles\/our-warning-in-2020-was-ignored-lack-of-cyber-hygiene-is-amplifying-ransomware-attacks-and-causing-havoc\/","title":{"rendered":"Our Warning in 2020 was Ignored: Lack of Cyber Hygiene is Amplifying Ransomware Attacks and Causing Havoc"},"content":{"rendered":"

Ransomware campaigns are always on the prowl for the path of least resistance, gaining initial access and moving laterally through well-known vulnerabilities.<\/p>\n

This is evident from the recent ransomware attacks on several companies: Konica Minolta (a technology corporation), Carnival Corp (a cruise operator), Brown-Forman (an alcoholic beverage company), and Canon (a world leader in imaging technology).<\/p>\n

Our analysis indicates an ongoing trend among attackers to reuse old tactics, techniques, and procedures (TTPs). They target the organizations most vulnerable to disruption, those that haven\u2019t had the time or resources to double-check their security hygiene (installing the latest patches, updating firewalls, and checking the privilege levels of users and endpoints), which increases the probability of a payoff.<\/p>\n

One key observation is that ransomware gangs are adopting and using the MITRE ATT&CK framework. Once attackers have infiltrated a network, they perform thorough reconnaissance and adapt their privilege escalation and lateral movement activities to the security weaknesses and vulnerable services they discover in the network. In these attacks, adversaries typically remain on the network undetected, sometimes for months, and deploy the ransomware payload at a later time.<\/p>\n

We saw it coming and warned about these vulnerabilities.<\/strong><\/span><\/p><\/blockquote>\n

Five months ago, we warned the industry through our cyber risk whitepaper series<\/a>, in which we analyzed the vulnerabilities in technologies and applications that are predominantly used by work-from-home employees. We analyzed over 187 products and found over 4849 vulnerabilities in popular tech stacks. We also listed the top 3 CVEs (those associated with ransomware or capable of RCE or PE) that need to be fixed in each technology.<\/p>\n
