The main ransomware are responsible for cyberattacks

Ransomware was the first threat to cybersecurity for organizations between April and June of this year, accounting for almost half (46 %) of all incidents globally.

This is clear from the latest Cisco Talos quarterly report, which ranks ransonware with more than three times the impact of the next most common threat, exploiting vulnerabilities in Microsoft Exchange Server.

The data reveals that the attackers targeted a wide range of sectors such as transportation, telecommunications, manufacturing and education in the second quarter, with health being the most attacked for the third consecutive quarter and followed by Public Administration.

“There are several reasons that explain the interest of cybercriminals in the health care sector, including the Covid-19 pandemic that encourages victims to pay quickly to restore services as soon as possible,” said the director of Cyber-Security at Cisco Spain, Ángel Ortiz.

To carry out their attacks, the ransomware actors used commercial tools such as Cobalt Strike, open source applications including Rubeus, and other tools native to the victims’ device such as PowerShell.

“We frequently see ransomware incidents that could have been prevented by enabling multi-factor authentication on critical services,” Ortiz said.

Other cyber threats noted in the report are the exploitation of known vulnerabilities, cryptocurrency mining, and user account control. There were also several incidents involving Trojanized USB drives, a longstanding attack vector undetected for years.

K. Tovar

Source: dpa