Microsoft has announced that it is tracking the deployment of more than 100 threat actors ransomware (opens in new tab) against companies around the world.
In a recent twitter thread (opens in new tab)the company discussed the current state of ransomware and said that the ransomware-as-a-service (RaaS) ecosystem continues to evolve and expand.
The threat actors (of which the company tracks more than 100) bring “different techniques, targets and capabilities” to the fight. More than 50 unique ransomware families are currently active and deployed, according to the company.
focus on construction
While phishing remains the primary method for hackers to deliver ransomware payloads to victims, they are “increasingly” relying on other techniques as well, Microsoft added.
Among other things, they use malicious ads to bring victims on websites that host ransomware and other malware. Some try to exploit recently patched vulnerabilities, hoping that their targets didn’t get a chance to apply the patch in time. Others try to distribute malware masquerading as software updates.
The most popular ransomware variants nowadays include Lockbit Black, BlackCat (aka ALPHV), Play, Vice Society, Black Basta, and Royal.
Microsoft says organizations shouldn’t focus on these payloads to ward off ransomware. Instead, they should focus on the “chain of activities” that lead to the final compromise. In other words, organizations need to ensure their endpoints are always updated with the latest patches and that their employees are well-trained and always on the lookout for a potential phishing attack.
In phishing attacks, emails typically convey a sense of urgency and urge the user to download and run a file or visit a website immediately. The most popular phishing topics include a DHL package that is awaiting delivery, an unpaid bill, or similar.
However, that doesn’t mean businesses shouldn’t use anti-malware and other cybersecurity solutions. A solid backup solution is a must in the fight against ransomware, as is a firewall and an antivirus solution.
