
22 Feb Human-Operated Ransomware – The Latest Developments
The Latest Developments from the Human-Operated Ransomware World
Human-operated ransomware is a very large attack trend, and throughout 2021, it grew considerably. It stands as a threat to organisations in all industries operating online, and it works in a different way to commodity ransomware. Rather than targeting a single device, hackers attack an entire organisation, utilising the knowledge of human attackers in order to infiltrate the business.
Usually, these attacks will result in theft of credentials, as well as lateral movement. The attacks can be highly catastrophic to businesses, being very difficult to clean up in many cases, and even then, human-operated ransomware can continue to threaten a company, on an ongoing basis, more often than not asking for ransom money.
How Do Human-Operated Ransomware Attacks Occur?
If this type of attack takes place, it sees a criminal or a group of criminals hack into a victim’s network, deploying ransomware within. This then sets about encrypting the data that it finds, making it inaccessible to people within the organisation that has been attacked. The only way that they will be able to once again gain access to it is by submitting to a monetary ransom from the criminal attackers. And this isn’t for a minimal amount either. Usually, businesses will be requested to pay hundreds of thousands in ransoms.
They’re a lot more of a challenging threat than previous other ransomware attacks though, because they’re fully operated by humans. Motivated by financial gain, these criminals can spend months working out the best way to overcome cyber defences in order to maximise their attack and succeed in their efforts. Cyber security teams in Malta, as well as defences from around the world, have placed a lot of focus on tackling this particular variation of ransomware.
“Ransomware is unique among cybercrime because in order for the attack to be successful, it requires the victim to become a willing accomplice after the fact”, said James Scott, Sr. of the Institute for Critical Infrastructure Technology.
Tackling Human-Operated Ransomware
It is vital that all businesses, whether large, medium or small, are prepared for potential human-operated ransomware attacks. There are steps that can be taken in order to amp up the security levels of your cyber security, though.
Conduct Penetration Testing
This is an ideal place to start. In doing this, you will be able to highlight any areas where security is somewhat lax. PenTests are an integral part of an organisation’s cyber security efforts, whereby different websites, software applications including mobile apps for iOS and Android, network systems, infrastructure and physical facilities are checked for vulnerabilities and all weaknesses are presented to be fixed, patched or hardened.
Promote Cyber Security Awareness Training
Employees in your business need to know what to expect from ransomware attacks of this nature. Therefore, engaging in info-rich training is an ideal way to keep them, and yourself, informed and up-to-date with the latest trends and threats that could hit your organisation. Following the aforementioned pen test, send all staff members along to cyber security training for further information on spotting human-operated ransomware.
Utilise a Virtual Chief Information Security Officer
A chief information security officer (CISO) usually operates as a senior level executive who is responsible for the strength of the organisation’s confidentiality, integrity and availability. Resources are scarce and expensive, so a fractional arrangement in the form of a vCISO is a practical solution. With a virtual chief information security officer (vCISO), you will have a seasoned professional to advise you on the necessities for developing and deploying an information security programme, as well as managing (and mitigating!) the increasing risks and threats that could affect your company’s data and surface posture.
Attacks of this nature do have weaknesses in themselves, too. And these weaknesses can diminish your threat of being affected by such. As long as your organisation is well-prepared for an attack and a recovery plan is readily-available (for the event of such an attack being successful), you can significantly reduce the cyber risk to your business. Ensure protections are in place, where privileged roles are concerned – a vCISO can help organise and instill a cyber-security first mindset organisation-wide