The threat of ransomware is threatening businesses

The ransomware ecosystem consists of many members (profit sharing), each of whom will play a different role and often communicate through specialized darknet forums. However, large or famous gangs will operate in their own way.

Typically, ransomware operators will receive 20-40% of the profits, while the rest of the members will receive 60-80% of the profits.

Craig Jones, Director of Cybercrime, Interpol, said: 'Over the past two years, we have seen cybercriminals use ransomware increasingly boldly. The organizations attacked are not just businesses and government agencies, but malware exploiters ready to attack businesses of any size.

"The ransomware ecosystem is complex with many associated benefits," said Dmitry Galov, security researcher at Kaspersky's Global Research and Analysis Group. It is a flexible market with many participants, some operating in the form of taking advantage of opportunities, others will not choose specific targets, but can target any organization. Any business, big or small, as long as it's accessible."

Ivan Kwiatkowski, senior security researcher at Kaspersky added: "In order to choose the best approach when attacked, you need to understand the foundation of the ransomware ecosystem."

On the occasion of Anti-Ransomware Day, Kaspersky encourages organizations to do the following 4 things to limit being attacked by ransomware.

1. Always update software on all devices to prevent hackers from attacking and exploiting security holes.
2. The defense strategy should focus on detecting traffic movements in the network and transferring the data to the Internet. Pay special attention to outgoing traffic to detect connections of cybercriminals.
3. Enable anti-ransomware for all devices with the free Kaspersky Anti-Ransomware tool.
4. Install anti-APT and EDR solutions, enable advanced threat detection and discovery, and promptly investigate and remediate incidents.

Kareem Winters

Update 18 May 2021