In an interview with Tech Republic, vice president of cybersecurity at Okta, Marc Rogers noted that contrary to the opinions of many, ransomware gangs are not the real attackers instead, they offer a service called ransomware-as-a-service which involves recruiting and providing technical support to their partners, which infiltrates companies.
This comment referred to the explanation of how malware gangs infiltrate and steal data
For him, Malware gangs break in through brute force attacks on passwords that come from breaches or known software vulnerabilities that have long been known and should be patched.
He also said that DarkSide affiliates scan the internet for companies with open systems and known old vulnerabilities.
Since the discovery of known old vulnerabilities tells attackers three things, including the fact that there is a way in, the likelihood that the company has bad practices inside, and finally the company’s unpreparedness for the attack, the attackers then investigate whether the company is a high-value target.
If the company is a high-value target, they will go ahead and infect the network while taking over as many systems as possible.
For more information, read the original story in Tech Republic.
Or, watch the video interview in Tech Republic.
