“Ransomware 2.0” requires defense in four main areas: prevention, detection, response and communications
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today reported that ransomware recently has mutated into an even more damaging and dangerous threat.
In the last three months, ransomware has become a dramatically higher threat to organizations. Previously, ransomware would lock up an organization’s data and demand a ransom. In this new era–that KnowBe4 dubbed “Ransomware 2.0”–cyber criminals have quite suddenly become much more brazen and now infect networks to a point where they won’t be saved by backups anymore.
The new normal for ransomware criminals is to exfiltrate the organization’s crown jewel data, steal all login credentials for employees and customers and any other highly confidential information like valuable intellectual property, and then use high-pressure extortion tactics like threatening to release the stolen data to the victim’s business partners, competitors and the general public.
“With ransomware, cyber criminals are seeking to inflict the most amount of pain and risk immediately,” said Roger Grimes, data-driven defense evangelist, KnowBe4. “They want to get paid and will do almost anything it takes to make that happen. A new pattern emerged late last year, where a single ransomware gang started to deploy new tactics to steal, encrypt and threaten employees and customers. It proved so successful that other ransomware gangs have now started using these same tactics, precipitating us into a new era of ‘Ransomware 2.0’.”
According to a recent report from cybersecurity company Emisoft, the potential cost of ransomware in the U.S. alone in 2019 was 7.5 billion dollars.
For more “Ransomware 2.0” technical details, tactics and how to protect against them, watch the new, highly popular webinar by Roger Grimes titled: “Now That Ransomware Has Gone Nuclear, How Can You Avoid Becoming the Next Victim?” here. For more information on KnowBe4, visit www.knowbe4.com.
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, is used by more than 31,000 organizations around the globe. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security. Kevin Mitnick, an internationally recognized cybersecurity specialist and KnowBe4's Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Tens of thousands of organizations rely on KnowBe4 to mobilize their end users as the last line of defense.