Our focus this month is on Ransomware – as always, we plug the monthly topic into AI to see what picture it creates, and wow, AI clearly sees ransomware as a scary subject!
Quick Take
Sidechain is adding Ransomware Protection to our suite of products – click here for more info!The United States Government runs a website called CISA (Cybersecurity and Infrastructure Security Agency) – click hereto see the official CISA updates to help stakeholders guard against the ever-evolving ransomware threat environment.
Quiz
In line with the launch of our Ransomware solution, here’s a quiz to see how much you know!
What is Ransomware:
Software that infects and encrypts computers to hold your data hostage until you send money to the attackers
Computer equipment that criminal steal from you and won’t return until you pay them
Software used to protect your computer or mobile device from harmful viruses
A form of cryptocurrency
Local backup files – saved on your computer – will protect your data from being lost in a ransomware attack. True or False?
True
False
Which of these best describes how criminals start ransomware attacks?
Sending a scam email with links or attachments that put your data and network at risk
Getting into your server through vulnerabilities and installing malware
Using infected websites that automatically download malicious software to your computer or mobile device
All of the above
If you encounter a ransomware attack, the first thing you should do is pay the ransom. True or False?
True
False
Setting your software to auto-update is one way you can help protect your business from ransomware. True or False?
True
False
Keep scrolling to see if you got it right!
Industry Trends and News
Have you heard of the ransomware group Brain Cipher? They spun up in June of this year and have already been connected with an attack on an Indonesian data center and a cyber attack on dozens of French National Museums at the time of the Paris Olympics. More importantly, they and many other baby ransomware gangs developed their ransomware payload based on the LockBit 3.0 builder, which was leaked in 2022.
What’s important to note is that their Payload appears to feature more advanced code obfuscation techniques than the leaked LockBit builder, making analysis of how it works more difficult, meaning companies need to be more vigilant than ever.
Ransomware gangs like BianLian and Rhysida are increasingly using Microsoft’s Azure Storage Explorer and AzCopy to steal data from breached networks and store it in Azure Blob storage. Storage Explorer is a GUI management tool for Microsoft Azure, while AzCopy is a command-line tool that can facilitate large-scale data transfers to and from Azure storage. In attacks observed by cybersecurity firm modePUSH, the stolen data is then stored in an Azure Blob container in the cloud, where it can later be transferred by the threat actors to their own storage.
Further details here! If your company is an Azure environment and this concerns you, reach out to Sidechain’s Ransomware Protection team
If it seems like every day, you’re hearing reports of ransomware attacks on a large scale, data being stolen from millions and companies having to issue statements to their customers about an infiltration, you’re not wrong. Here’s a short list of the most recent attacks:
