It seems remote working will continue to expand, offering more opportunities for threats like ransomware. Not only do ransomware threat actors have become a daily threat but also they continue to innovate both their technology and their methods at an accelerating pace. That said, it’s not just the pandemic that has altered the workforce – new technology, the reliance on non-traditional platforms, and more all offer new avenues for cybercriminals.
Some of the topics covered in this threat report:
- Ransomware attacks: The report observed that ransomware adversaries have settled on a common (and slowly growing) toolset they use to exfiltrate data from a victim’s network. This toolset of well known, legitimate utilities anyone might have won’t be detected by endpoint security products
- Canaries in the coalmine (Attacks targeting Windows & Linux servers): The majority of attacks targeting servers fit one of three profiles – ransomware, cryptominers and data exfiltration – each of which has a corresponding, distinct set of tactics and techniques the attackers employ. Best practices for server admins is to avoid running conventional desktop apps, like email clients or a web browser, from the server as a safeguard against infections, so attacks targeting servers necessarily require a shift in tactics.
- Cloud security: When the COVID-19 lockdowns began in March 2020, people and workplaces began a rapid and unprecedented transition that continues to this day. How we work, go to school, attend events and conferences, and entertain ourselves may have changed forever, and cloud computing was an essential element of that rapid evolution, but it faces a lot of challenges.
This was just a sneak preview. If you find it useful and informative, you may want to consider reading the full report here: https://www.sophos.com/en-us/medialibrary/pdfs/technical-papers/sophos-2021-threat-report.pdf