Il 40% of the cyber threats occurred from July to September they were kind ransomware and pre-ransomware, that particular category of malware (malicious software) that i cybercriminals they use to access someone else's device e ask for a ransom to return access to the rightful owner.
This is the first element focused on by quarterly report compiled by Cisco Talos, the world's largest private intelligence organization dedicated to cybersecurity.
For the first time from the fourth quarter of 2021 the telecommunications sector was not the hardest hit, while they were targeted that of education (probably because the attacks coincided with the reopening of schools and universities), energy, financial services and, in general, of Government.
The groups of criminals who "pull the strings" of ransomware such as LockBit and BlackCat have built a thriving business around these malware by making available to "affiliates", for a fee, everything necessary to hit high profit targets, maximize the damage and potential illicit revenues.
MFA authentication, multi-factor authentication, to thwart ransomware
La lack of multi-factor authentication (MFA) - says Cisco - remains one of the biggest obstacles to corporate security: nearly 18% of victims have not enabled theMFA or did it only on a few critical accounts and services, thus allowing the cybercriminal to log in and authenticate.
This quarter was finally characterized by variants of ransomware high-profile previously seen, such as Hive e Deputy Society, and also saw the first appearance of the Ransomware Black Basta.