Worldwide cybersecurity breach headlines continue to paint quite a disturbing picture of our digital future. Malware attacks are getting bigger and hitting bigger and more sensitive targets, and ransomware prices have increased.
Attack volumes are up over 100% each year and tens of millions of dollars are flowing to overseas bank accounts as ransomware victims try to buy their way out of security breaches.
While advanced persistent threats and malware still plague some victims, it is ransomware that is still gaining real traction in today’s cybersecurity landscape.
The EternalBlue flaw that took over the news last year in May 2017 rose to popularity as a result of its inclusion in the data leaked by The Shadow Brokers.
Utilized in multiple attacks alongside the also-released DoublePulsar exploit, including the installation of cryptocurrency miner Adylkuzz, the exploits are just the tip of the cyberwarfare tools The Shadow Brokers are claiming to have in their arsenal.
The EternalBlue and DoublePulsar based attacks, delivering the WannaCry Ransomware, have so far been hugely damaging to healthcare organizations while also impacting over 200,000 endpoints in 150 countries.
WannaCry-WanaCrypt0r 2.0 was coupled with the EternalBlue exploit, allowing it to automatically propagate itself to vulnerable machines across the Internet.
While not technically advanced, the use of EternalBlue and DoublePulsar created a ransomworm that spread much faster than any other previously reported ransomware outbreak.
This paper explains the challenges organizations are facing with the increase in ransomware attacks, and what steps security-minded enterprises should take to prevent a successful ransomware infection.