Beware of 13 Tactics, Tools and Procedures

/in


Fraud Management & Cybercrime
,
Fraud Risk Management
,
Governance & Risk Management

Use Threat Hunting to Better Spot Attacks in Progress, Security Experts Recommend

Mathew J. Schwartz (euroinfosec) •
February 26, 2021    

Ransomware: Beware of 13 Tactics, Tools and Procedures
Cobalt Strike is a legitimate penetration tool that ransomware-wielding attackers often use to help hit targets.

Ransomware continues to sting numerous organizations, and the problem only seems to be getting worse. So, defenders across every type of targeted organization – including government agencies and private businesses – would do well to have more effective defenses in place.

See Also: Top 50 Security Threats


Such defenses would ideally include organizations proactively looking for known ransomware attackers’ tactics, techniques and procedures. That kind of threat hunting can help defenders spot attacks in the reconnaissance phase before they progress to data being exfiltrated or systems getting crypto-locked.


But where to begin?


First, perhaps, by acknowledging that the status quo isn’t working. Indeed, ransomware continues to generate large profits for criminals, reports ransomware incident response firm Coveware.



These are average and median ransom payments made by victims based on thousands of cases investigated per quarter by Coveware. While averages have recently declined, overall profits remain high.

The state of ransomware defenses doesn’t appear to be improving – or at least not as quickly as attackers continue to innovate. Last year,…

Source…