Software developer Veeam has found that cybercriminals are getting more ingenious with their ransomware operations, and now target backup storage in order to extract ransom payments from businesses.
According to TechRadar, in the event of a ransomware attack, businesses can either pay the demanded ransom and hope that their data can be restored using the decryptor given by the bad actors, or they can disregard the ransom demands and restore their data using a backup solution.
According to Veeam’s 2023 Ransomware Trends Report, however, cybercriminals are skipping over primary systems in favour of backups to coerce businesses into paying ransom.
Veeam claims that malicious actors tried to gain access to backups during attacks in 93% of cases, based on research that analysed nearly 3,000 assaults on 1,200 organisations. In 75% of those instances, businesses were able to retrieve at least some data from their backups, but in 39% of instances, they lost all of their backups.
Veeam recommends that organisations take precautions to secure both their original data and their backups from ransomware threats. In order to protect data from loss or corruption, the company suggests employing immutable sources, such as immutable clouds and immutable discs, for backups and implementing frequent, automated cyber-detection scans for backups.
While it’s true that many businesses do pay the ransom when their data is stolen, doing so is no guarantee that the stolen information will be returned. Veeam found that among the 80% of companies who gave in to ransom demands, 59% were successful in getting their data back, while 21% were not.
The percentage of victims that pay the ransom has increased by 4% annually, while the percentage of businesses with a backup plan has decreased by 19%.
The prominent cybercriminal group LockBit has turned its eyes on macOS and Mac machines as of April, due to the increasing profitability of ransomware assaults. LockBit has previously only created ransomware for Windows, Linux, and virtual host PCs, so this novel strain may be a first for the group.
According to MalwareHunterTeam, a security research organisation, the Mac-specific ransomware appears to target Apple Silicon Macs and is posted online under the build name locker_Apple_M1_64.
The researchers point out that Macs may be more vulnerable to intrusions now that word of the malware has spread.
LockBit is notorious for selling its malicious software as a service, or ransomware-as-a-service (RaaS).
Info Sources-Digital Trends