2023 Ransomware Report

Active Defense Intrusion

There are many places to stop a ransomware attack, this part looks at the initial intrusion.

In This Section

How Do the Bad Guys Get In?
Anatomy of a Modern Ransomware Attack
What does a ransomware attack look like? What tools do ransomware actors use to gain initial access, move through the network, steal files, and deploy the ransomware? Walk through a typical ransomware attack, step-by-step, and see why these attacks are so hard to stop.
ANATOMY OF A MODERN RANSOMWARE ATTACK
LEARN MORE
  • Different Ways Ransomware Actors Gain Access
  • Dwell Time: Moving Around the Network and Gaining Access
  • The Importance of the Active Directory Domain Controller in a Modern Ransomware Attack
  • Stealing Files
  • Deploying the Ransomware
  • Posting Stolen Files to Extortion Sites
Credential Markets and Initial Access Brokers
Initial Access Brokers (IABs) are one of the cottage industries that have exploded with the growth of ransomware. Learn how they work, what they’re looking for and what you should do to protect yourself from them.
CREDENTIAL MARKETS AND INITIAL ACCESS BROKERS
LEARN MORE
  • The Growth of IABs Is Directly Tied to Ransomware
  • The Size of the Underground Stolen Credential Market
  • All the Ways Ransomware Actors Can Use Stolen Credentials
Phishing Attacks
Some of the most sophisticated ransomware groups rely heavily on phishing as the initial attack vector. Understand how ransomware phishing attacks work, how to stop them, and how to effectively train employees to spot a phishing email.
PHISHING ATTACKS - LEARN MORE
  • The Long History of Ransomware and Phishing
  • Common Phishing Lures Used by Ransomware
  • Conducting Proper Phishing Training
Remote Desktop Protocol and the Importance of Multifactor Authentication
IABs love targeting Remote Desktop Protocol (RDP) servers— it’s inexpensive to get started, doesn’t take a lot of technical skill, and there are a lot of exposed RDP servers out there. Learn why RDP has quickly become one of the top attack points for IABs and how that leads to ransomware.
RDP AND MULTIFACTOR AUTHENTICATION
LEARN MORE
  • The Rise of RDP and Other Remote Accesses During the Pandemic
  • RDP Is an Easy Attack Vector for Ransomware
  • Using Multifactor Authentication to Protect Your Remote Access
Exploitation
Did you know that over the last year IABs have exploited more than 40 different vulnerabilities to gain initial access that was then sold to ransomware groups? Vulnerability management is a challenge, IABs and ransomware groups know that, which is why we’re seeing increasing interest from both in exploiting vulnerabilities as an initial access vector.
EXPLOITATION - LEARN MORE
  • Common Vulnerabilities Exploited by Ransomware
  • How Exploitation Ransomware Attacks Differ from Phishing and RDP Attacks
  • Exploitation and Managed Service Providers
  • Ransomware and Zero-Day Exploits
  • Practical Patching Advice

Download The “How To Prevent Ransomware” Cheat Sheet

Grab this free PDF resource on how to prevent Ransomware
Download the pdf

Share This Resource With Others

Embed The “How To Prevent Ransomware” resource on your site or blog using this code.

Download The "How To Recover From Ransomware" Cheat Sheet

Grab this free PDF resource on how to prevent Ransomware
Download the pdf

Share This Resource With Others

Embed The “How To Recover a From Ransomware Attack” resource on your site or blog using this code.

Download The "Ransomware Backup Strategy" Cheat Sheet

Ransomware resistant backup strategy is key to preventing Ransomware. Grab this free PDF resource today.
Download the pdf

Share This Resource With Others

Embed The “Ransomware Resistant Backup Strategy” resource on your site or blog using this code.

Download The "Running Ransomware Tabletop Exercises" Cheat Sheet

Tabletop exercises are key to preventing Ransomware. Grab this free PDF resource today
Download the pdf

Share This Resource With Others

Embed The “Running Ransomware Tabletop Exercises” resource on your site or blog using this code.

Want More?

This site is adapted from a book on Ransomware. If you would like to learn more keep reading ...
READ MORE ABOUT THREAT HUNTING FOR RANSOMWARE

Need Help?

Get help now

Ransomware

Partners

Deep Dive

Is This Your Business?
Get In Touch

Contact Us To Sponsor Your Business Listing & Learn More About The Benfits.

Before You Go!
Sign up to stay up to date with everything ransomware

Sign Up To Receive Our Monthly Ransomware Newsletter
Don’t worry, we hate spam too

Free Download Now &
Stay Ahead In Future

Sign Up To Receive Our Monthly Ransomware Newsletter
Don’t worry, we hate spam too

Free Download Now &
Stay Ahead In Future

Sign Up To Receive Our Monthly Ransomware Newsletter
Don’t worry, we hate spam too

Free Download Now &
Stay Ahead In Future

Sign Up To Receive Our Monthly Ransomware Newsletter
Don’t worry, we hate spam too

Free Download Now &
Stay Ahead In Future

Sign Up To Receive Our Monthly Ransomware Newsletter
Don’t worry, we hate spam too
Share via
Facebook
Twitter
LinkedIn
Mix
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap