Express Computer
Home  »  Security  »  Ransomware attacks jumped by 148 percent in March: VMWare Carbon Black

Ransomware attacks jumped by 148 percent in March: VMWare Carbon Black

VMware Carbon Black said this week that ransomware attacks monitored by them jumped 148 percent in March from the previous month.

0 467

Hacking activity against corporations in the United States and other countries more than doubled by some measures last month as digital thieves took advantage of security weakened by pandemic work-from-home policies, researchers said.

Corporate security teams have a harder time protecting data when it is dispersed on home computers with widely varying setups and on company machines connecting remotely, experts said.

Even those remote workers using virtual private networks (VPNs), which establish secure tunnels for digital traffic, are adding to the problem, officials and researchers said.

Software and security company VMware Carbon Black said this week that ransomware attacks it monitored jumped 148% in March from the previous month, as governments worldwide curbed movement to slow the spread of the novel coronavirus, which has killed more than 130,000.

“There is a digitally historic event occurring in the background of this pandemic, and that is there is a cybercrime pandemic that is occurring,” said VMware cybersecurity strategist Tom Kellermann.

“It’s just easier, frankly, to hack a remote user than it is someone sitting inside their corporate environment.”

Several others echoed the finding.

Tonya Ugoretz, a senior cyber official with the FBI, told an online audience on Thursday that incoming reports about hacking had multiplied three- or four-fold during the outbreak. Rob Lefferts, a cybersecurity executive with Microsoft, said his company was seeing an upswing in the volume of digital breaches in the same places the disease was spreading the most quickly.

“The volume of successful attacks is correlated with the volume of virus impact,” he said, adding that many malicious actors seemed to be piggybacking on confusion and anxiety to trick users into parting with their credentials.

“Those attacks are more successful because people are more afraid,” he said.

Changes to corporate networks being scrambled by work-from-home policies may also be making life easier for attackers.

Using data from U.S.-based Team Cymru, which has sensors with access to millions of networks, researchers at Finland’s Arctic Security found that the number of networks experiencing malicious activity was more than double in March in the United States and many European countries compared with January, soon after the virus was first reported in China.

The biggest jump in volume came as computers responded to scans when they should not have. Such scans often look for vulnerable software that would enable deeper attacks.

The researchers plan to release their country-by-country findings next week.

Rules for safe communication, such as barring connections to disreputable web addresses, tend to be enforced less when users take computers home, said analyst Lari Huttunen at Arctic.

That means previously safe networks can become exposed. In many cases, corporate firewalls and security policies had protected machines that had been infected by viruses or targeted malware, he said. Outside of the office, that protection can fall off sharply, allowing the infected machines to communicate again with the original hackers.

That has been exacerbated because the sharp increase in VPN volume led some stressed technology departments to permit less rigorous security policies.

“Everybody is trying to keep these connections up, and security controls or filtering are not keeping up at these levels,” Huttunen said.

The U.S. Department of Homeland Security’s (DHS) cybersecurity agency agreed this week that VPNs bring with them a host of new problems.

“As organizations use VPNs for telework, more vulnerabilities are being found and targeted by malicious cyber actors,” wrote DHS’ Cybersecurity and Infrastructure Security Agency.

The agency said it is harder to keep VPNs updated with security fixes because they are used at all hours, instead of on a schedule that allows for routine installations during daily boot-ups or shutdowns.

Even vigilant home users may have problems with VPNs. The DHS agency on Thursday said some hackers who broke into VPNs provided by San Jose-based Pulse Secure before patches were available a year ago had used other programs to maintain that access.

Other security experts said financially motivated hackers were using pandemic fears as bait and retooling existing malicious programs such as ransomware, which encrypts a target’s data and demands payment for its release.

Advertisement

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image
Live Webinar : Know how to enhance customer engagement with omnichannel experience
Register Now
close-image