How Botnets are Used in Ransomware Attacks

A botnet is a network of devices that have been infected with malware, allowing a threat actor to control them. However, instead of completely taking over the devices, the individual orchestrating the attack, known as the bot herder, will use a portion of the computer’s bandwidth to run an activity in the background without the…

Read More

How Ransomware-as-a-Service is Used in Ransomware Attacks

With average ransom demands now in the millions, ransomware attacks are a lucrative business. It’s no wonder then that more people are trying to get a piece of the profit, and it’s becoming easier than ever to do it with the rise of ransomware-as-a-service. Just like software-as-a-service businesses provide easy access to software, ransomware-as-a-service businesses…

Read More

Remote Desktop Protocol Use in Ransomware Attacks

According to the 2020 Unit 42 Incident Response and Data Breach Report, remote desktop protocol (RDP) services were the initial attack vector in 50% of ransomware deployment cases. RDP services have been a popular attack vector for years, particularly for use on small enterprises where phishing emails may not be as successful. However, the COVID-19…

Read More

What are Double and Triple Extortion Ransomware Attacks

The last few years have seen a dramatic rise in high-profile ransomware cases, leading CISOs to bump ransomware planning to the top of their list of initiatives. However, just as companies have adapted to guard against this threat, ransomware gangs have adapted in turn, employing additional layers of extortion focused on exposing customer data. A…

Read More