India was the second most targeted country when it comes to cyberattacks in Asia according to a report by IBM. Last year, a report by Niti Aayog suggested that phishing and social engineering account for 57% of the attacks followed by malware attacks, DoS and ransomware.
It was also reported that the majority of the attacks came from China and other countries such as Russia, Pakistan, Ukraine, Vietnam and North Korea. Ransomware usually involves stealing, encrypting and using threats to leak personal data unless the ransom isn’t paid.
The most common form of ransomware used is called “Sodinokibi” where it exploits an Oracle WebLogic vulnerability to gain access to the victim’s hardware. The ransomware then tries to execute itself by elevating user rights so that it can access all files and resources on the system. The ransomware also has the ability to wipe out all files in the backup folder as well. So far, it is estimated that Sodinokibi has stolen around 21TB of data and leaked about 43% of the data. The group has managed to successfully earn $123 million in the past year according to IBM's 2021 X-Force Threat Intelligence Index.
No comments:
Post a Comment