A recent report by cybersecurity company Kela has revealed findings on what the ideal victim looks like to the ransomware gangs of today.
According to ZD Net, the report was based on listings made by ransomware operators in the underground and revealed that many wanted to buy a way into US firms that had a minimum revenue of over $100m.
Kela found that based on observations in dark web forums during July of this year, there is enough proof to suggest that threat actors are looking for large US firms as well as European, Australian and Canada businesses. However, Russian targets and those in developing countries are commonly rejected immediately.
The report also discovered that roughly half of the ransomware groups will reject offers for access into healthcare and education organisations, as well as government entities and non-profits.
In terms of most preferred methods of access, remote desktop protocol and virtual private network-based access are both very popular among hackers. Access to products developed by businesses such as Palo Alto Networks, Cisco, Fortinet, Citrix and VMWare are commonly popular.
Kela found that approximately 40% of listings were created by groups in the ransomware-as-a-service space. Meanwhile, ransomware operators were identified to be willing to pay – on average – up to a maximum of $100,000 for initial access services.
A recent mid-year report by internet security company SonicWall found the number of ransomware attacks in H1 2021 has already outperformed the entire year of 2020.
The global ransomware volume was found to have increased by 151% to reach 304.7m attacks in the first half of the year.
SonicWall researchers identified ransomware rises across various industries, with retail seeing a huge hike of 264%, healthcare climbing 594%, education seeing a 615% rise and government recording a staggering 917% increase in ransomware attacks.
Copyright © 2021 FinTech Global