Microsoft recently disclosed that they are monitoring over 100 different threat actors utilizing 50 unique ransomware families to attack businesses and organizations across the world. These attacks have been increasing in frequency, severity, and sophistication. The threat actors behind them are using a range of techniques to gain access to their targets, including exploiting unpatched software vulnerabilities, phishing attacks, and brute-force attacks against remote desktop protocol (RDP) endpoints.

In response to this growing threat, Microsoft suggests that defensive strategies should concentrate less on the payload and more on the sequence of events that lead to the ransomware’s deployment. Despite there being an overwhelming number of ransomware families at any given time, most threat actors employ the same tactics when carrying out their attacks, which go beyond phishing. Threat actors target servers and devices that have not yet deployed patches against common or recently known vulnerabilities, which is why swiftly patching vulnerabilities is crucial in preventing ransomware attacks.

Recently, Microsoft advised administrators to deploy the most recent Cumulative Update (CU) to secure on-premise Exchange servers and instructed users to remain prepared to install emergency security updates. More than 60K internet-exposed Exchange servers remain susceptible to attacks that take advantage of ProxyNotShell RCE exploits, while thousands of others still need protection from attacks targeting ProxyShell and ProxyLogon vulnerabilities, which were two of 2021’s most frequently exploited security flaws.

It is important to note that despite the number of attacks remaining steady, ransomware gangs’ income dropped by around 40% in 2022, as victims refused to pay ransom demands. While this is good news, it is important for businesses to remain vigilant and take steps to protect themselves against ransomware attacks. This includes regularly updating software, implementing strong passwords and multi-factor authentication, regularly backing up data and testing backups, and staying aware of new security vulnerabilities.

You can read more about this story at Bleeping Computer.

Click HERE to more about Alvaka’s Ransomware Prevention Services! We are available 24×7, 365 days a year, to assist you with any of your ransomware needs.

Latest Ransomware Related Blogs

Ransomware impact on customer trust. lose-up of hands on a laptop keyboard with glowing code and digital particles floating around, giving a high-tech, programming or hacking impression.
Cloud ransomware vulnerability assessment. A hand holds a smartphone above an open laptop. On the laptop screen is a vivid red warning symbol with an exclamation mark inside a triangle, along with icons for email and settings. White arrows labeled "IN" and "OUT" point between the phone and laptop, suggesting a file upload or data transfer in progress. The scene conveys a cyberattack, security breach, or phishing warning.
Ransomware risk management framework. A professional wearing a blue shirt is interacting with a virtual, transparent interface emerging from their laptop. They use a stylus pen, suggesting precise control. Floating around their hands are various icons symbolizing technology, including cloud services, data analytics, global connectivity, finance or banking, and artificial intelligence. The image conveys the themes of digital transformation, data analysis, and secure management through technology.
Ransomware preparedness audits. A person dressed professionally is sitting at a laptop, typing on the keyboard. Around the laptop, there are virtual icons floating in the air, labeled with things such as problem-solving (a lightbulb icon), decision-making (gear icons with check and cross marks), and risk assessment (represented by a notepad icon). This image highlights a person engaged in analytical or cybersecurity-related work, emphasizing thoughtful decision-making.
Ransomware Rescue
Contact Alvaka