fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Ransomware: Huge Rise In Attacks This Year As Cyber Criminals Hunt Bigger Pay Days

Ransomware: Huge Rise In Attacks This Year As Cyber Criminals Hunt Bigger Pay Days

Researchers warn of a seven-fold rise in ransomware attacks compared with last year alone – and attackers are continually evolving their tactics.

Why ransomware has become the biggest cyber threat to your network in 2020

There’s been a huge increase in the number of ransomware attacks over the course of 2020, with a seven-fold rise in campaigns compared with just last year alone, according to newly released data from cybersecurity researchers.

Ransomware attacks have been on the rise and getting more dangerous in recent years, with cyber criminals aiming to encrypt as much of a corporate network as possible in order to extort a bitcoin ransom in return for restoring it. A single attack can result in cyber criminals making hundreds of thousands or even millions of dollars.

It’s something that cyber criminals have been capitalising on despite the changing working circumstances with more people working remotely during 2020, with Bitdefender’s Mid-Year Threat Landscape Report 2020 claiming a 715% year-on-year increase in detected – and blocked – ransomware attacks.

Not only has the number of ransomware attacks increased, but ransomware has continued evolving, with some of the most popular forms of ransomware last year having disappeared while new forms of ransomware have emerged. In some cases, these are even more disruptive and damaging.

“Looking into the evolution of last year’s ransomware families and how they’ve changed this year, most of them have actually gone down in numbers. This year’s popular ransomware families are not last year’s popular ransomware families,” Liviu Arsene, global cybersecurity researcher at Bitdefender told ZDNet.

For example, one of the most prolific ransomware threats during 2019 was GandCrab – until its operators shut up shop during the middle of the year, claiming to have made a fortune from campaigns.

Since then, new families of ransomware have emerged, including Sodinokibi – also known as REvil – which while not a massively prolific campaign, is a highly targeted operation that has made large amounts of money from disruptive, often high-profile ransomware attacks.

In many cases, hackers are following through with threats to leak data they’ve stolen in the run-up to deploying the ransomware attack if the victim doesn’t pay – something that might strike fear into future victims and encourage them to give into the extortion demands more quickly.

Also read: Computer Misuse Act Singapore: The Truth And Its Offenses

“If they do that just once, they set an example for everyone else who becomes infected, because those who don’t pay end up with data leaked and a GDPR fine. Everybody else who gets infected afterwards is going to see the attackers are serious,” Arsene explained.

While ransomware from specialist cyber-criminal gangs such as Sodinokibi and DoppelPaymer grab the headlines, ransomware-as-a-service has continued to be an issue for organisations around the world, with ransomware families like Zepto and Cryptolocker causing problems.

While these forms of ransomware might not be as advanced as the most high-profile versions, their availability ‘as-a-service’ allows even low-level attackers to deploy attacks in an effort to illicitly make money, often from smaller and medium-sized businesses that feel they have no other option but to pay.

Ransomware remains a major cyber threat to organisations and businesses of all kind, but there are relatively simple steps that can be taken to avoid falling victim to a ransomware attack.

Ensuring that security patches are applied as soon as possible helps prevent hackers from exploiting known vulnerabilities to gain a foothold inside the network in the first place, while organisations should also apply multi-factor authentication across the ecosystem because that can prevent hackers moving across the network by gaining additional controls.

Organisations should also regularly backup their systems, as well as testing those backups on a regular basis as past of a recovery plan, so if the worst happens and ransomware does infiltrate the network, there’s a known method of restoring it without the need to pay cyber criminals.

Also read: Personal Data Websites: 3 Things That You Must Be Informed

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us