An Interest In:
Web News this Week
- April 19, 2024
- April 18, 2024
- April 17, 2024
- April 16, 2024
- April 15, 2024
- April 14, 2024
- April 13, 2024
Some of Our Sources
- Mashable
- TutsPlus - Code
- Smashing Apps
- Six Revisions
- Crazy Leaf Design
- My Ink Blog
- Fudge Graphics
- Daily Now
- Dev To
- Hashedout
Help Webnuz
Referal links:
October 9, 2020 12:02 am
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/Bz54_6wxPpk/ransom-gangs-increasingly-outsource-their-work
Ransom Gangs Increasingly Outsource Their Work
Brian Krebs writes via KrebsOnSecurity.com: There's an old adage in information security: "Every company gets penetration tested, whether or not they pay someone for the pleasure." Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to break in. But judging from the proliferation of help-wanted ads for offensive pentesters in the cybercrime underground, today's attackers have exactly zero trouble gaining that initial intrusion: The real challenge seems to be hiring enough people to help everyone profit from the access already gained. One of the most common ways such access is monetized these days is through ransomware, which holds a victim's data and/or computers hostage unless and until an extortion payment is made. But in most cases, there is a yawning gap of days, weeks or months between the initial intrusion and the deployment of ransomware within a victim organization. That's because it usually takes time and a good deal of effort for intruders to get from a single infected PC to seizing control over enough resources within the victim organization where it makes sense to launch the ransomware. This includes pivoting from or converting a single compromised Microsoft Windows user account to an administrator account with greater privileges on the target network; the ability to sidestep and/or disable any security software; and gaining the access needed to disrupt or corrupt any data backup systems the victim firm may have. Each day, millions of malware-laced emails are blasted out containing booby-trapped attachments. If the attachment is opened, the malicious document proceeds to quietly download additional malware and hacking tools to the victim machine. From there, the infected system will report home to a malware control server operated by the spammers who sent the missive. At that point, control over the victim machine may be transferred or sold multiple times between different cybercriminals who specialize in exploiting such access. These folks are very often contractors who work with established ransomware groups, and who are paid a set percentage of any eventual ransom payments made by a victim company.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/Bz54_6wxPpk/ransom-gangs-increasingly-outsource-their-work
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot