Microsoft’s security team says it’s tracking over 100 ransomware actors

Microsoft has revealed that it tracks more than 100 threat actors deploying ransomware against companies around the world.

In a recent Twitter thread, the company discussed the current state of ransomware and said the ransomware-as-a-service (RaaS) ecosystem continues to evolve and expand.

The threat actors (of which the company tracks more than 100) bring “varying techniques, targets and skills” into battle. Currently, there are more than 50 unique ransomware families active and in use, the company said.

Attention to the structure

While phishing remains the main way for hackers to deliver ransomware payloads to victims, they are “increasingly” relying on other techniques as well, Microsoft added.

Among other things, they use malicious advertisements to lead victims to websites that host ransomware and other malware. Some try to exploit recently patched vulnerabilities, hoping their targets didn’t get a chance to apply the patch in time. Others try to distribute malware masquerading as software updates.

Among the most popular variants of ransomware today are Lockbit Black, BlackCat (aka ALPHV), Play, Vice Society, Black Basta, and Royal.

To defend against ransomware, Microsoft says, companies should not focus on these payloads. Instead, they should focus on the “chain of activities” leading to the final compromise. In other words, companies must ensure that their endpoints are always updated with the latest patches and that their employees are properly trained and always on the lookout for a possible phishing attack.

In phishing attacks, emails usually have a sense of urgency, prompting the user to immediately download and run a file or visit a website. The most popular phishing themes are a DHL package awaiting delivery, an unpaid invoice, or something similar.

However, that doesn’t mean companies shouldn’t implement malware protection and other cybersecurity solutions. In the fight against ransomware, a solid backup solution is a must, as well as a firewall and an antivirus solution.
