Understanding the Ransomware Ecosystem: From Screen Lockers to Multimillion-Dollar Criminal Enterprise
A new report from Tenable Research explores the key players in the ransomware ecosystem and the tactics that have helped propel it from a fledgling cyberthreat into a force to be reckoned with.
Ransomware is a constantly evolving cyberthreat, and it is through its evolution that ransomware has managed to not only survive, but thrive.
There are a number of reports that detail ransomware’s evolution, from the earliest form of ransomware known as the AIDS (or PC Cyborg) Trojan in 1989 to its transition into screen locker ransomware and, ultimately, the cryptolocker ransomware that encrypts files on systems. This type of ransomware became the basis for how modern ransomware operates.
Screen locker ransomware relied on fear tactics targeting individual users, using law enforcement imagery of the Federal Bureau of Investigation (FBI) and UK's Metropolitan Police Service (the Met), along with text claiming that the victim had accessed pornographic or child abuse content from their computer. These victims were instructed to pay a “fine,” which was typically between $100-500, in order to unlock their systems. In reality, these users could regain access to their systems without payment, as none of their files were tampered with.
Over the last four years, ransomware has skyrocketed into a multimillion-dollar, self-sustaining industry. It has become a part of the routine experience for organizations following noteworthy attacks against critical infrastructure like the Colonial Pipeline or JBS Foods attacks in 2021.
Image Source: Security Boulevard
Underpinning the success of today’s ransomware is what's called the ransomware ecosystem. In our latest report, we explore the key players that shape the ransomware ecosystem and the tactics that have helped propel ransomware into the most dominant threat to organizations today
What you’ll get from this report:
- A better understanding of how the ransomware ecosystem evolved
- The most common attack vectors used by the players in the ecosystem
- Guidance on how to prepare and defend against ransomware attacks
- A list of the vulnerabilities likely to be exploited in ransomware attacks
Get more information
- Download the full report here
- Attend the webinar: Tenable’s Ransomware Ecosystem Report: Understanding the Key Players, Common Attack Vectors and Ways You Can Avoid Becoming a Victim
- Blog post about The Ransomware Ecosystem Tenable.io Dashboard
- Blog post about The Ransomware Ecosystem Tenable.sc Dashboard
- Blog post about The Ransomware Ecosystem Tenable.sc Report
- Follow Tenable’s Security Response Team on the Tenable Community
Articoli correlati
Cybersecurity Snapshot: CISA Warns Hospitals about Black Basta, as Tenable Study Finds Cloud-Related Breaches Pervasive
May 17, 2024Find out why healthcare organizations must beware of the Black Basta ransomware group. Meanwhile, a Tenable study found that 95% of surveyed organizations suffered a cloud-related breach, and offers insights for boosting cloud security. Plus, a Cloud Security Alliance report delves into how AI systems can create risky gaps in your cloud environment. And much more!
IDC Ranks Tenable No. 1 in Worldwide Device Vulnerability Management Market Share for the Fifth Consecutive Year
February 22, 2024The research firm’s latest report also provides market insights that security professionals can use to improve their vulnerability management strategy.
Pig Butchering Scam: From Tinder and TikTok to WhatsApp and Telegram, How Scammers Are Stealing Millions in a Long Con
February 14, 2024In part one of a two-part series on Pig butchering, we detail the pervasive scam that has impacted thousands of victims around the world, resulting in the loss of hundreds of millions of dollars. This blog highlights the who and the how of Pig butchering scams, and details the Pig butchering playbook.
Microsoft’s June 2024 Patch Tuesday Addresses 49 CVEs
June 11, 2024Microsoft addresses 49 CVEs in its June 2024 Patch Tuesday release with one rated as critical and no zero-day or publicly disclosed vulnerabilities. Our counts omitted two CVEs that were not issued by Microsoft, which include CVE-2023-50868 (issued by MITRE) and CVE-2024-29187 (issued by GitHub).
Cloud Workload Protection: The Key to Decreasing Cloud Security Risks
June 11, 2024More than 80% of all breaches involve data stored in the cloud, and security teams that don’t use cloud workload protection (CWP) may never get ahead of attackers who want to access as much data as possible with the least effort. A single cloud breach is often the most straightforward way into these sensitive environments. On average, it costs nearly $5 million to respond and recover. So, why are so many organizations still using traditional on-prem security that isn't designed for the dynamic cloud?
CVE-2024-4577: Proof of Concept Available for PHP-CGI Argument Injection Vulnerability
June 7, 2024Researchers disclose a critical severity vulnerability affecting PHP installations and provide proof-of-concept exploit code, which could lead to remote code execution.
- Research Reports
- Vulnerability Management