Report IDs New Threats To Businesses
Ransomeware, “As A Service” Top Cyber Threats
Digital fraudsters have continued to evolve, some a bit faster than the businesses trying to outrun them. That is a key takeaway from new Red Canary data. Their researchers looked at the top threats to businesses throughout 2021 and found that the use of ransomware continues to top the list of treat attacks.
According to the report double extortion is a new way fraudsters are using ransomware to coerce business owners into paying. Ransomware attacks were made simpler with the increase in affiliate marketing models and tools, through which many fraudsters began their attacks.
Another legitimate tool fraudsters have exploited is the “as a service” model through which many legitimate businesses access expert abilities. Fraudsters employed Phishing As A Service and Crypters As A Service throughout 2021.
Businesses At Risk From Fraudsters
“These threats are less sensational than you might find elsewhere, but they’re the ones that will impact the majority of organizations,” said Keith McCammon at Red Canary. “This report addresses highly prevalent threats and the tried-and-true techniques that are wreaking havoc on organizations. We take it a step further to explore in depth the adversarial techniques that continue to evade preventative controls, and that can be challenging to detect. We hope that this report serves as a valuable tool for everyone from executives to practitioners, providing the information that’s needed to detect and respond to cybersecurity threats before they negatively impact organizations.”
Top 5 Threat Tools
Topping the list of tools fraudsters are employing in their business attacks are TA551 (10% of affected customers), Mimikatz (8.8%), Cobalt Strike (7.9%), Qbot (6.8%), and Impacket (5.9%).
As for actual attacks, Red Canary found that fraudsters were most likely to use Command/Scripting Interpreters (53%), Signed Binary Proxy Executions (34.8%), and Windows Management Instrumentation (15.4%) techniques to base their attacks.