Corporate Targets, Hacker Leave Individual Users

Cyber crime is growing and alarming cyberspace. Security experts at Kaspersky Lab found, more and more hackers are diverting the target of attacks from corporate to individual users through the deployment of ransomware.

In an official statement received at least, there are eight groups identified cyber criminals involved in the development and distribution of encrypting ransomware. Attacks 8th cyber criminals are mostly targeting financial organizations worldwide.

In fact, security experts Kaspersky Lab found no cases of cyber criminals demanded a ransom of more than half a million dollars. It was also found that the hacker group demanded a ransom of one bitcoin per one decryption,

Among these groups there PetrWrap identified attack financial organizations worldwide. Meanwhile, Mamba and 6 other groups unnamed targeting corporate users. Experts rate, 6 these groups had attacked private users, but they chose to focus on the corporate network.

They turned their consideration to the corporate target of attack is more potent than ransomware cashing distributed to private users.

According to experts, if hackers successfully target the corporate, enterprise business process will be stalled in a matter of hours or days. Therefore, the company will inevitably pay the ransom.

Kaspersky Lab security experts said, the general tactics, techniques, and procedures used by each group are very similar. They will infect the targeted corporation with malware through a vulnerable server or spear phishing email.

Furthermore, the malware is distributed to network and identify any data that is considered valuable to the company. Then the hacker group demanded a ransom in exchange for decryption.

In addition to these similarities, some groups also have their unique features of each. For example, a group of hackers using malware encryptor Mamba their own property, open source software based diskcryptor.

Once an attacker gains a foothold in the network, they installed the encryptor on it using the official utility for Windows remote control. 

This approach makes them less suspicious action for security personnel of the targeted organization. The hacker is also very careful in choosing the target, any attack can take some time. Examples PetrWrap hacker who is on a network for 6 months.

Senior Security Researcher Kaspersky Lab Anti Ransom Anton Ivanov said the threat against this corporation has a real potential for financial loss. "The trend is quite alarming. There are many potential targets ransomware out there, so there is a possibility of attacks that have greater consequences," Ivanov said.