Ransomware: Beware of new Initial Access techniques

Ransomware attacks are one of the most feared digital threats, both among ordinary users and among the largest companies in the world.

What makes these campaigns so fearsome is also the fact that the cybercriminals of the various groups are always ready to devise new and refined techniques to claim new victims.

In this regard, the latest innovation comes from the techniques known as Initial Access, the danger of which is underlined by a warning from the FBI. Specifically, these are two new strategies that the well-known American agency considers potentially devastating.

Initial Access: the FBI worried about the new trend in the ransomware context

The first is the exploitation of vulnerabilities in third-party vendors. In the period between 2022 and 2023, there has been an increase in ransomware infections against casinos through third-party software providers. The cybercriminals mainly acted by encrypting servers and the personally identifiable information of employees and customers.

According to the FBI, those responsible for ransomware attacks try to target legitimate tools, regularly used by employees, to break into systems and obtain elevated permissions within the organization's internal network. This includes, for example, the recent Silent Ransom attack, which exploited telephone numbers to contact victims.

How to defend yourself effectively?

The FBI has established a series of recommendations to significantly limit the risks associated with the Initial Access approach of ransomware. In this case, the agency recommends:

  • Prepare for any problems by maintaining offline backups (possibly encrypted);
  • Better manage access, with accounts protected by strong passwords and other advanced protection systems (such as multi-factor authentication);
  • Adopt a network segmentation strategy, with monitoring tools used to detect and identify ransomware;
  • Use adequate antivirus software, updated regularly and present on all hosts;
  • Adopt the RDP protocol (Remote Desktop Protocol) and monitor it regularly;
  • Keep all operating systems, software and firmware updated with the latest patches.

