![]() ![]() In this post, KELA focuses on these two niches in order to better understand the actors who have surfaced around the growing RaaS ecosystem.”īased on Kela’s observations it appears that hackers able to gain privileged access to networks are in the highest demand. Sometimes referred to as Initial Access Brokers, the prices they can demand their services can spike up to 115% if able to gain local administrator access. ![]() This level of access allows for hackers to gain near unrestricted access to machines and data stored on the network. This access enables the easier deployment of the ransomware with less threat of being detected. Given that many ransomware gangs now also look to steal data before encryption to further increase the pressure to pay, a hacker that can gain such a privileged level of access further enables the easier extraction of stolen data. It is little wonder then that such a level of access demands ten times more than access granting simple user rights. At the same time gaining administrator access is much harder and this is shown in the percent of hackers advertising administrator access. Of all the advertisements analyzed by Kela, only 19% were offering administrator-level access. ![]() 27% percent of the ads offered an unspecified level of access and 53% offered user-level access. While there were several key takeaways from the report perhaps the most interesting was the increase in demand for negotiators. In the past ransomware, operators would speak directly to victims via email addresses provided on ransom notes. Given that specializations arose along with ransomware looking more and more like a business operation, albeit an illegal one, the need for special negotiators seems like a logical progression.Īs to the exact reason ransomware operators would need a negotiator, Kivilevich provided two scenarios with the first being, “If the Russian government cannot or will not take action against criminal actors residing in Russia, we will take action, or reserve the right to take action, on our own,” Psaki said.ĭon’t miss out on ET Prime stories! Get your daily dose of business updates on WhatsApp.“Victims started using negotiators – while a few years ago there was no such profession, now there is a demand for negotiating services. national security officials had been in touch with Russian government officials over the attack. White House press secretary Jen Psaki said during a news conference Tuesday that U.S. Jack Cable, a security researcher for Krebs Stamos Group, said he had reached out to REvil, and the group offered to slash the price for the tool to $50 million in bitcoin. “If you are interested in such a deal, contact us,” the group wrote, adding that it had provided a way for victims to contact the organization. REvil said it would publish a tool that would allow all infected companies to recover their data if it were paid $70 million in bitcoin. Brett Callow, a threat analyst for cybersecurity firm Emsisoft, said REvil was also asking for $45,000 in cryptocurrency for each computer system a victim wanted restored.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |