"Time Taken to Deploy Ransomware Drops 94%"

Security researchers at IBM have found that threat actors have significantly accelerated their deployment of ransomware in recent years, from an average of over 60 days per attack in 2019 to less than four days in 2021. The firm’s annual X-Force Threat Intelligence Index was compiled from billions of data points collected in 2022 from network and endpoint devices, incident response engagements, vulnerability and exploit databases, and more. The researchers found that although ransomware’s share of incidents fell from 21% in 2021 to 17% in 2022, attackers are conducting their attacks quicker than ever, with a 94% reduction in the average time taken to deploy ransomware between 2019 and 2021. The researchers noted that one particularly damaging way ransomware operators distribute their payload across a network is by compromising domain controllers. A small percentage, approximately 4%, of network penetration test findings by the researchers revealed entities that had misconfigurations in Active Directory that could leave them open to privilege escalation or total domain takeover. In 2022 the researchers also observed more aggressive ransomware attacks on underlying infrastructure, such as ESXi and Hyper-V. The researchers noted that the continued prevalence of ransomware helped to make extortion the number one goal of threat actors last year. It was present in a fifth (21%) of attacks, more than data theft (19%) and credential harvesting (11%). The researchers stated that business email compromise (BEC) was the other major driver of extortion-based attacks and that they frequently featured the use of remote access tools, crypto-miners, backdoors, downloaders, and web shells. Manufacturing firms accounted for the largest group of victims (30%) in extortion attacks. Phishing remained the number one initial access vector last year, identified in two-fifths (41%) of incidents, followed by exploitation of public-facing applications (26%).

 

Infosecurity reports: "Time Taken to Deploy Ransomware Drops 94%"

Submitted by Anonymous on