Ransomware attacks continue to grow. Here are the four ways the initial attack is likely to start, according to data from investigations company Kroll.
The impact of ransomware continues to grow. According to data from global investigations firm Kroll, ransomware was the most common security issue it has being called in to deal with in 2020, while ransomware attacks accounted for over one-third of all cases up to September.
And here's how attackers are getting in: in nearly half (47%) of the ransomware cases Kroll has investigated, gangs used the open remote desktop protocol, a tool that has been used by many companies to help staff work from home, but which can also give attackers a way in if it is not correctly secured.
More than a quarter (26%) of cases were traced back to a phishing email, and a smaller number used particular vulnerability exploits (17%), including -- but not limited to -- Citrix NetScaler CVE-2019-19781 and Pulse VPN CVE-2019-11510. This was followed by account takeovers, at 10%.
Kroll said it had seen three sectors struck especially hard this year: professional services, healthcare, and technology and telecoms. That's in contrast to recent data from IBM, which suggested that manufacturing, the professional services sector and government were the most likely to be hit.
By Steve Ranger on ZDNet