While a new organisation faces a ransomware attack every week, the incidents seen in the news represent only a fraction of the victims, cyber security researchers said. Between January 1 and April 31, 2021, six ransomware groups compromised 292 organizations and are conservatively estimated to have netted at least $45 million.
The cyber security team looked at the Ryuk/Conti, Sodin/REvil, CLOP and DoppelPaymer ransomware groups, as well as two emerging but noteworthy groups, DarkSide and Avaddon.
First, network security attacks have reached all walks of life
Although all of them are extortion groups, different groups focus on different industries and regions of the world.
· The Ryuk/Conti group has focused its attacks on medical, manufacturing, construction and government IT systems. So far, the group has attacked 352 organizations, racking up more than $10 million in ransoms.
· The Sodin/REvil ransomware gang is keen to attack laptop manufacturers. They have carried out 52 attacks this year. Remarkably, they made international news by attacking Acer and Quanta, two of the world’s largest technology manufacturers. The gang also demanded a $50 million ransom in the Quanta attack.
· DoppelPaymer/BitPaymer is known for targeting government agencies and schools. The FBI issued a notice specifically about this ransomware in December, making it clear that it had been used to attack critical infrastructure such as hospitals and emergency services, with direct economic losses and impacts not yet publicly confirmed.
· The Clop gang targeted universities, banks, law firms, aircraft manufacturers, and oil companies for extortion by exploiting widely identified vulnerabilities in Accellion’s file transfer system.
· The DarkSide gang, one of the few groups operating as ransomware as a service (RaaS), got a lot of attention for its attack on Colonial Pipeline, shifting responsibility onto the target and the contractors who split the extortion proceeds.
Second, lessons from the endless network security attacks
Today everything is interconnected and digital construction is developing rapidly, yet network security, the foundation of that construction, is extremely fragile. From the attacks carried out by the extortion groups above, it is not hard to see that extortion incidents are occurring in all walks of life, including industrial production, energy, transportation, medical care, finance, and even government and schools. Therefore, in the process of industrial digital development, only when network security is guaranteed and the digital foundation is solid can the security threats to individuals, enterprises and even the country be minimized.
Third, coping suggestions
An analysis of these ransomware incidents shows that the serious physical damage caused by ransomware goes beyond what the public recognizes, and that no industry is immune to it. Therefore, to avoid ransomware attacks as far as possible and spare enterprises unnecessary losses, network security protection measures must be strengthened. Companies still rely on the traditional "old three" (firewalls, antivirus software, dynamic vulnerability scanning) to defend their networks and systems. In most cases, however, an enterprise is attacked because technical vulnerabilities and logic bugs in its software code were found and exploited. So alongside external security protection, more should be done to detect and prevent security risks in the software source code itself. Static code detection and analysis technology, coupled with the three traditional protection means, can really do a good job of resisting network security risks.
Keywords: ransomware, network security, static code detection, code vulnerability, source code security