Ransomware refers to malware that infects systems and either locks out the user from their own systems or steals data. Unless the victim pays a ransom, the attackers will either keep the user locked out permanently or start to spread the information publicly.
Rafe Pilling, principal researcher at SecureWorks, told Verdict that ransomware is a threat “due to the high-profile debilitating impact it has on operations and the resulting financial and reputational damage.”
Pilling added: “Even after a series of high-profile law enforcement interventions and public leaks, ransomware operators have maintained high levels of activity.”
The need to strengthen a company’s digital defences should be a key priority for business leaders, according to market experts. However, this is far from easy.
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below formBy GlobalData
“Maintaining the security of IT systems is a constant struggle for organisations of all types,” analysts at research firm GlobalData wrote in a recent report. “Cyberattacks are frequent and increasingly complex, perpetrated by those furthering a geopolitical cause or attackers intent on making money.”
Secureworks warns that ransomware could damage companies
The Secureworks researchers now urge businesses to strengthen their digital defences against ransomware attacks.
The Secureworks report suggests that detection strategies should focus on identifying ransomware precursors within the detection window between initial access and ransomware deployment.
Precursors are symptoms indicating that a breach has occurred. The presence of malicious code that steals data, so-called infostealers, could be one precursor and the presence of unusual engineers in the system could be another.
So far in 2022, the median time between initial access and ransomware detonation in intrusions investigated by Secureworks incident responders is 4.5 days, compared to five days in 2021, the report said.
Another way to protect against cyberattacks is to be aware of how hackers infect their victims’ systems. Cybercriminals use several ways to distribute the ransomware, the Secureworks report noted. Their methods have included cloned websites and trojanised installers for messaging apps such as Signal.
GlobalData is the parent company of Verdict and its sister publications.