
Ransomware truths


Posted On Nov 7, 2020

We're only months out from the anniversary of Sept. 5, 2013, the birth of modern ransomware. We mark that day as a turning point because it was the day the first sample of Cryptolocker was spotted.

The fledgling ransomware pioneered the use of modern technology to steal wealth from victims, which had already been the longest road to survival in previous cyber attacks.

Money is essentially traceable, so for a thief it is impossible to access electronically, but Cryptolocker had a new trick: Bitcoin.

Here we're scratching our heads seven years later, only worrying about what to do to protect ourselves from ransomware. You would think we should have gotten better at deterring attackers from this sort of online crime in seven years. But ransomware, like almost everything in information security, is a complicated threat, and an attack that has only become more difficult, especially in the last 10 months.

 

One indicator of our success is getting offenders to up their game: if we are successful, we can see a decline in attacks, a move to something else, or new tactics. For example, when we got together to discourage the use of shady credit card processors with bogus anti-virus, criminals switched to ransomware.

You could argue based on this that we, as an industry, have been very successful in stopping ransomware. When ransomware was launched, it focused on infecting vast quantities of innocent individuals and requesting $400 to $1000 US dollars from each to make money, causing widespread damage. Such attacks were automated and were largely a game of numbers. This is not what today's extortion threats look like. The attackers shifted once more.

With respect to patching and much more advanced endpoint detection solutions, we have upped our security game, which makes mass infection not worth the effort if you have expertise. It is impossible to circumvent security tools, and if you hurt millions of people every month, vendors can make sure the attacks fail. To make it worth bypassing the safety safeguards, attackers need a bigger payout. Ideally, they want it to be more difficult for defense firms to procure samples to review the new bypass. Drastically reducing the super low-hanging fruit, such as out-of-date Adobe Flash Player and discarded Oracle Java versions, has also forced a change and begun a stratification in the ecosphere of the malware operator. "Script kiddies" will never go anywhere, but the disruption they do is less than ever before and our better sanitation has minimized the dangers they face.

The reaction to this has been that those with real ability break from the pack and improve their game. Mass-scale attacks are deadly, but those with these talents started to develop much more sophisticated attacks, mostly pulling pages from nation-state playbooks, while being careful enough to avoid actions that might likely put them in jail.

Since these attacks require a higher-level skill set and more time, the payoff must be much higher. The consequence is that ordinary companies now have individual enemies, not just governments and military contractors. This wasn't in the planning of any organization. They were and are woefully unprepared for this modern fact, which has contributed to the deluge of news reports about ransom, extortion, and data leaks.

A systematic attempt to circumvent security instruments has been one of the most important of the new developments. Since there is a person at the keyboard in almost every attack, the strategies and techniques used vary. When an admin's password can be phished, they log in to the network management console and turn the security tools off. If that doesn't succeed, groups like Snatch have moved to Windows "Safe Mode", where certain security measures are removed before their encryption is released.

These means of escape are changing quickly and we don't expect things to slow down. In an effort to remain below the radar, people are handcrafting artisanal malware and distributing it cautiously at low volumes. Not only do they clobber everything in sight, they carefully pick which systems to snatch data from, targeting the most precious assets and only incapacitating them. This takes a bit of time, which can be an asset for defenders if they are well trained to track down the telltale signals.

If even a gap is open in the fence, they can and are likely to get in. Exposed remote desktop (RDP) enabled computers, remote access multifactor authentication managers, unpatched web servers, or even the same problems at a trusted partner or service provider are enough to give them the opportunity to follow this well-trodden route.

They won't just give up if your resources succeed in stopping the initial attack. They are people who are going to find a way through some programmatic obstacles. You need humans to pick the wheat out of the chaff to protect yourself from this.

Strategies shift on a weekly basis, and learning the signals of your own instruments being turned against you is the secret to early detection. This is a fight, not a struggle. You need to be vigilant and have the right staff, the right preparation, and the right resources to keep ahead. The days of filling your endpoints with protection tools, dusting your hands off, and walking away are long gone.

The perpetrators hybridized their attacks by combining technology to identify victims with a weakness in their defenses and people to creatively turn the victims' own network resources against them. This business model will net them millions of dollars per victim and inflict uncountable extra harm.

The same strategy has to be used by our security. Computers, robotics, and tools are fantastic, yet they become a powerful defense in combination with human intelligence, pattern analysis, and our capacity to extrapolate from the past into the future. Those that are effective in protecting themselves almost always have invested in the right combination of individuals, training, and instruments.

To be secure we need protection. You can reach Sophos advanced protection through their nearby partners such as Comtech Systems, the golden partner of Sophos in south India. Comtech is an IT service provider in Kochi. For more, visit www.comtechsystems.in

