Get Smart: Leveraging Threat Intel To Detect Ransomware

Within the last decade, ransomware emerged as the preeminent cyber threat facing both public and private sector organizations. Data from firms that track ransomware infections suggest that a large percentage of organizations are victimized by ransomware in any given year. For example, 44% of the more than 5,000 firms surveyed by the security firm Sophos for its annual ransomware report in 2021 said they had been hit by ransomware in the last two years. A majority of those incidents resulted in cybercriminals successfully encrypting data before they were detected and removed.

The stakes involved in ransomware incidents have risen right along with the frequency of ransomware attacks. What started out as nuisance attacks a decade ago quickly evolved such that, by 2016, ransomware was shutting down medical facilities like Hollywood Presbyterian Hospital. The NotPetya wiper attack in 2017 raised the profile of ransomware even higher, showing how determined governments like Russia’s can leverage malware to disrupt both the public and private sectors and inflict high costs on nations like Ukraine. By 2021, the scourge of ransomware was growing unchecked and crippling critical infrastructure like the Colonial Pipeline on the U.S. East Coast and facilities operated by meat processor JBS. Attacks on medical facilities became commonplace and were linked to a death at an affected facility. The attack that temporarily shut down the Colonial Pipeline in the eastern United States, in contrast, was linked to an affiliate of the for-profit Darkside ransomware group.
