According to a new report by Netskope Threat Labs, the ransomware attacks "hit" the financial sector harder than ever!
The survey showed that financial services remain "one of the most attacked domains by ransomware groups". In most cases, the hackers use trojans to hack the systems and then deploy the ransomware.
According to Netskope, the ransomware groups that mainly target this industry are Cl0p and LockBit. In the past few months, the gang Cl0p drew attention after exploiting a vulnerability in the file transfer service MOVEit and breached hundreds of organizations around the world.
Some researchers claim that the group's attacks and theft data affected nearly a thousand organisations and more than 60 million people.
See also: Insomniac Games alerts those affected by the Rhysida ransomware
The LockBit ransomware gang, on the other hand, is one of the most dangerous gangs, affecting many high-profile organizations. Despite the recent Remove of dozens of servers, the team managed to return with new infrastructure. New victims are already appearing on the new data leakage website.
The Netskope researchers also found that the Microsoft One Drive and the Sharepoint, as well as the GitHub, are often used by hackers to spread malware.
Sharepoint has proven to be more popular in the financial sector than in other industries, which, according to Netskope, may be due to the popularity of the service Microsoft Teams using Sharepoint for sharing Archive.
According to the Paolo Passeri, Cyber Intelligence Principal at Netskope, the financial sector remains one of the most heavily attacked sectors by ransomware groups, usually exploiting vulnerabilities Security.
See also: How are cryptocurrencies linked to a ransomware attack?
Protective measures to prevent ransomware attacks
One of the most important protection measures is the staff training. Individuals need to be aware of the dangers of ransomware and the ways it can enter the system, such as malicious emails and downloads.
Η the creation and regular updating of data backups is another crucial measure. This ensures that even if the data is encrypted by ransomware, it can be recovered without having to pay a ransom.
The use of updated security software, such as the programmes antivirus and firewalls are also vital. These tools can help detect and prevent ransomware attacks before they can cause damage.
See also: Ransomware: new attacks after ransom payment
The application of the principle of minimum access (PoLP) can be very useful. This means that individuals only have the access they need to perform their tasks, thus limiting the opportunity for ransomware to spread.
Finally do not forget to regularly update the software and Applications to fix any vulnerabilities that a hacker could use to break into the systems.
Source : www.techradar.com
![Pinterest](https://pinterest.com/pin/create/button/?url=https://www.secnews.gr/en/521575/ransomware-xtipoun-xrimatooikonomiko-tomea/&media=https://www.secnews.gr/wp-content/uploads/2024/02/RANSOMWARE-ΧΡΗΜΑΤΟΟΙΚΟΝΟΜΙΚΟΣ-ΤΟΜΕΑΣ-min.jpg&description=Σύμφωνα με μια νέα έκθεση της Netskope Threat Labs, οι ransomware επιθέσεις "χτυπούν" τον χρηματοοικονομικό τομέα πιο σκληρά από ποτέ!){kind=link}