The Most Common Ways Hackers Infiltrate Systems


Cybersecurity analysts at Coveware have studied ransomware attacks in the second quarter of 2021 and described in detail how phishing attacks and RDP attacks are the most popular entry points for ransomware attacks. These attacks are inexpensive to carry out and very effective.

Phishing attacks, in which cybercriminals send emails with a malicious attachment or direct victims to a compromised website that delivers ransomware, now account for 42 percent of attacks.

In addition, attacks on RDP services in which cybercriminals use weak or standard usernames and passwords – or sometimes gain access to legitimate login credentials via phishing emails – are still a widespread practice among ransomware groups and are responsible for 42 percent of attacks.

Software vulnerabilities are the next most popular vector for attacks that deliver ransomware to networks, accounting for 14 percent of attacks, and are often exploited by some of the most sophisticated and notorious ransomware gangs.

According to Coveware, Sodinokibi – also known as REvil – is responsible for 16.5% of the ransomware attacks in the reporting period. In recent weeks, REvil infrastructure has mysteriously gone offline.

The second most productive ransomware during this period was Conti, with 14.4% of ransomware attacks. One of the group's most prominent attacks was the attack on the Irish health system.

The third most productive ransomware during the three months between April and June was Avaddon, a form of ransomware distributed via phishing emails, which was responsible for 5.4% of attacks. In June, the group behind Avaddon said that it would shut down and published a decryption key for the ransomware.

New ransomware players Mespinoza and Hello Kitty make up the rest of the top five – and it is likely that as groups such as REvil and Avaddon allegedly close operations, new ransomware groups will try to replace them.

To help protect networks from intrusion, organizations are strongly encouraged to implement multifactor authentication across the network, which can prevent intruders from exploiting accounts.

For more information, read the original story in ZDNet.
