{"id":6471,"date":"2021-09-07T15:41:42","date_gmt":"2021-09-07T13:41:42","guid":{"rendered":"https:\/\/www.retarus.com\/blog\/en\/what-ransomware-gangs-are-looking-for-in-an-ideal-victim"},"modified":"2024-05-07T11:26:24","modified_gmt":"2024-05-07T09:26:24","slug":"what-ransomware-gangs-are-looking-for-in-an-ideal-victim","status":"publish","type":"post","link":"https:\/\/www.retarus.com\/blog\/en\/what-ransomware-gangs-are-looking-for-in-an-ideal-victim\/","title":{"rendered":"What ransomware gangs are looking for in an ideal victim"},"content":{"rendered":"\n
Security experts recently investigated offers made by ransomware actors to buy network accesses on the darknet, shedding light on the criteria cyber criminals use when selecting target companies to blackmail with their maliciously encrypted data.<\/p>\n\n\n\n
Security intelligence company KELA examined<\/a> a total of 48 forum contributions from July 2021. The \u201cwant ads\u201d had been placed by various ransomware actors and were addressed to Initial Access Brokers (IAB), who provide initial network accesses. These IABs are actually hackers who focus all their efforts on penetrating company networks using methods such as brute force password attacks, exploits, and phishing. The access details are then sold to the highest bidding cybercriminals, who use it to smuggle malware onto the company network.<\/p>\n\n\n\n Almost 40 percent of the darknet threads KELA investigated originated from actors identified as active participants in ransomware gangs. In one case<\/a>, the ransomware gang known as \u201cBlackMatter\u201d was especially looking for access to targets in the USA, Canada, Australia, and the UK with an annual turnover of at least US$100 million and 500 to 15,000 hosts. The ransomware gang was willing to pay between US$3,000 and US$100,000 for each network access.<\/p>\n\n\n\n Based on around 20 requests investigated by KELA, the security experts identified various criteria according to which ransomware blackmailers select their targets. These include:<\/p>\n\n\n\n The bad news is that even if your company does not meet the average victim criteria, it still doesn\u2019t mean that you are invulnerable. According to KELA, there is whole raft of ransomware gangs \u2013 such as Dharma, STOP and Globe \u2013 which are considerably less picky. As a company, one should thus avoid falling into any false sense of security and rather take steps to ensure maximum protection from all manner of cyber threats.<\/p>\n\n\n\n When it comes to ransomware, for example, it\u2019s essential to have anti-phishing protection<\/a> for email accounts, something that is included in Retarus\u2019 modular Secure Email Platform<\/a> \u2013 also to complement cloud office software<\/a> like Microsoft 365 or Google Workspace. We invite you to use our free Anti-Phishing Guide in five languages<\/a> to sensitize your users about this tricky topic. Find out more about this topic on our website or directly from your local Retarus representative<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":" Security experts recently investigated offers made by ransomware actors to buy network accesses on the darknet, shedding light on the criteria cyber criminals use when selecting target companies to blackmail with their maliciously encrypted data. <\/p>\n","protected":false},"author":14,"featured_media":10091,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","_s2mail":"yes","footnotes":""},"categories":[8,15],"tags":[102,198],"dipi_cpt_category":[],"class_list":["post-6471","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","category-security","tag-email-security","tag-ransomware"],"acf":[],"yoast_head":"\nEurope also a popular target<\/h2>\n\n\n\n