Ransomware operations have been deploying increasingly sophisticated attacks with ever-changing techniques, even though obtaining initial network access remains their primary goal, reports SiliconAngle.
Novel operational structures leveraged by newly emergent ransomware gangs, including Akira, Cactus, and Hunters International, as well as the growing prevalence of defense evasion techniques for prolonged dwell times, have presented new ransomware detection and remediation challenges for security teams, according to an analysis from Cisco Talos.
Exacerbating such challenges are the use of custom tools and the targeting of high-profile security flaws by Volt Typhoon, UAT4356, and other state-backed threat operations to infiltrate critical infrastructure organizations, as well as the pervasiveness of double extortion.
Such evolving ransomware attack tactics should prompt organizations to be proactive in cybersecurity by adopting stringent security controls and patch management, multi-factor authentication, network segmentation, endpoint detection tools, and continuous threat monitoring solutions, as well as by limiting internet-exposed IT assets.