Rising ransomware attacks exploit remote access software, warns WatchGuard report

/in


New research from WatchGuard Technologies, a global player in unified cybersecurity, has revealed a significant spike in endpoint ransomware attacks as well as an alarming trend of cyber attackers exploiting remote access software.

The Internet Security Report provides insights into the latest malware trends and endpoint security threats, shedding light on the increasingly sophisticated tactics adopted by cybercriminals.

The research revealed an 89% rise in endpoint ransomware attacks and a decrease in malware delivered through encrypted connections. WatchGuard also observed an increase in abuse of remote access software, an exploitation strategy actively embraced by cyber adversaries.

Cyber criminals are also exploiting password-stealers and info-stealers to pilfer priceless credentials, and are increasingly pivoting from scripting to other living-off-the-land techniques to instigate endpoint attacks.

Discussing the consequeces, Corey Nachreiner, Chief Security Officer at WatchGuard, stated, “Threat actors continuously evolve their tools and methods in attack campaigns, making it crucial for organisations to stay updated on the latest tactics to bolster their security strategy.”

He added that end users often represent the last defence line against sophisticated attacks that employ social engineering tactics. Nachreiner emphasised that it was paramount for organisations to deliver social engineering education and adopt a unified security approach that provides multiple layers of defence.

Among the key findings, the report detailed how cyber attackers are increasingly leveraging remote management tools to dodge anti-malware detection, confirmed by both the FBI and CISA.

Notably, there was a surge in the Medusa ransomware variant in Q3, driving endpoint ransomware attacks up by 89%. The report also highlighted a noticeable decline in attacks employing scripted methods, with script-based attacks dropping by 11% in Q3 and by 41% in Q2.

However, in spite of the reduction, script-based attacks still represent the largest attack vector, making up 56% of total attacks. Cyber attackers are also resorting to Windows living-off-the-land binaries more frequently, as these…

Source…