Express Computer
Home  »  News  »  Major initial vectors of ransomware attacks in 2022: Kaspersky report

Major initial vectors of ransomware attacks in 2022: Kaspersky report

0 78

A new Kaspersky report showed that the majority of ransomware attacks in 2022 started with exploitation of public-facing applications, data from compromised user accounts and malicious emails.

According to the IT Security Economics report, more than 40% of companies faced at least one ransomware attack in 2022 and that SMBs spent an average of $6,500, whilst enterprises paid out 98,000$ for the recovery. These figures reveal that ransomware attacks are still widespread and can hit any company at any time.

Statistics from the Kaspersky Incident Response Analyst Report ‘The nature of cyber incidents’ show that almost 43 percent of ransomware attacks investigated by Kaspersky experts in 2022 started with public facing apps exploitation, followed by data from previously compromised user accounts and malicious emails with 24 percent and 12 percent respectively. The attackers’ goal was not extortion or data encryption, but the mining of personal data, intellectual property, and other sensitive information.

In most of these cases, known credentials had already been compromised and there were no artefacts left to analyze by the time the crime was discovered due to log rotation policies, so it was not possible to investigate how this data was leaked.

The report also revealed that the longest-running ransomware attacks began with the exploitation of public-facing applications, with just over 2 percent of them lasting for a year and more.

image.png

“Continuing security issues with passwords, software vulnerabilities and social engineering become initial access vectors for attackers and provide them endless ways to perpetrate ransomware activities. To minimize the potential for such activities, it’s important for businesses to set up and control a password policy, patch management, raise employee awareness and take regular anti-phishing measures.” – comments Konstantin Sapronov, Head of Global Emergency Response Team at Kaspersky.

The full Incident Response Analyst report is available via link.

To protect businesses from possible ransomware threats, Kaspersky experts recommend:

1. Make regular system backups and, if possible, keep saved data on devices not connected to the corporate IT network. That will keep information safe if the entire network is compromised.

2. Run an update on OS or business software to provide critical security updates, as well as features that may make the work easier.

3. Use strong passwords to access corporate services and multi-factor authentication to access remote services.

4. Talk to employees about the variety of cybersecurity threats they might encounter outlining potential threats such as phishing emails, shady websites, or software downloaded from unofficial sources. Consider interactive training and tests like Kaspersky Security Awareness to ensure staff remain vigilant.

5. Use services and solutions like Kaspersky Incident Response, Kaspersky Endpoint Detection and Response Expert or Kaspersky Managed Detection and Response to identify and stop the attack on early stages, before cybercriminals can reach their final goals.

6. Optimize the use of cybersecurity tools by implementing Extended detection and response solutions that collect telemetry from various data sources, including endpoint, network, and cloud data, to offer a comprehensive security outlook, as well as promptly detect and respond to existing threa

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 

Stay updated with News, Trending Stories & Conferences with Express Computer
Follow us on Linkedin
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image