Carbon Black recently published a report on the latest ransomware attack methods, and how to counteract them. For more information about how Cb Defense, Carbon Black’s NGAV + EDR solution, helps enterprises address their endpoint security challenges, check out our weekly Cb Defense Live Demo, every Wednesday at 2PM EST, 11AM PST.
90% of financial institutions reported being targeted by a ransomware attack during the past year. CryptoLocker. GoldenEye. Locky. WannaCry. 2017 was, perhaps, the most notorious year on record for ransomware. Even a casual news consumer can identify the menacing ransomware attacks that have cost worldwide businesses as much as $1 billion in 2017, according to FBI data. Financial institutions are clearly not immune. The overwhelming majority of CISOs in our survey reported seeing some kind of attempted ransomware attack during the past year.
This is not surprising. Last year, Carbon Black researchers monitored 21 of the largest dark web marketplaces for new, virtual offerings related to ransomware. Our research found a 2,502% increase in the sale of ransomware on the dark web. This increase is largely due to a simple economic principle – supply and demand. Cybercriminals are increasingly seeing opportunities to enter the market and looking to make a quick buck via one of the many ransomware offerings available via illicit economies. In addition, a basic appeal of ransomware is simple: it’s turnkey. Unlike many other forms of cyberattacks, ransomware can be quickly and brainlessly deployed with a high probability of profit. In our previous report, we found more than 6,300 estimated dark web marketplaces selling ransomware, with more than 45,000 current listings.
For ransomware authors, successful creation and selling of ransomware offerings appears to be fruitful. Based on our research, some ransomware sellers are making more than $100,000 per year simply retailing ransomware. In some instances, this is double the salary for legitimate software developers, who pull in an average of $69,000 a year, according to PayScale.com. (In Eastern Europe developer salaries are a bit lower, hovering around $45,000.)
That being said, the true untouchable hackers are becoming punitive. Several survey respondents (1 in 10) reported encountering destructive attacks unrelated to ransomware. The “bank heist” is becoming a hostage situation. We will continue to track this trend in future reports.
Listen to our security experts at Carbon Black and Network Security Engineer Christopher St. Amand at PeoplesBank during a recent webinar where we discussed the benefits of cloud-based security platforms and how they apply to your specific needs.
Thanks for joining us as we explored “Modern Bank Heists,” our report on the changing landscape of cybercrime in the financial sector and how to arm your institution against a breach. You can click here to get a copy of the full report. Join us next week as we continue to profile this report.
The post Excerpts from Modern Bank Heists - Ransomware appeared first on Carbon Black.