Your organization’s leadership is 12 times more likely to be the target of a security incident and nine times more likely to be the target of a data breach than they were last year. Find out how they can be protected.
Read the Datasheet
Gift Cardsharks: The Massive Threat Campaigns Circling Beneath the Surface
Learn about the attack group primarily targeting gift card retailers and the monetization techniques they use.
Get the Report
Threat Hunting Workshop Series
Join one of our security threat hunting workshops to get hands-on experience investigating and remediating threats.
Attend an Upcoming Workshop
Inside Magecart: New RiskIQ & Flashpoint Research Report
Learn about the groups and criminal underworld behind the front-page breaches.
Threat Hunting Guide: 3 Must-Haves for the Effective Modern Threat Hunter
The threat hunting landscape is constantly evolving. Learn the techniques, tactics, and tools needed to become a highly-effective threat hunter.
The outbreak of COVID-19 and the anxiety and the uncertainty brought with it has proven to be an opportunity for ransomware actors to go on the offensive.
Along with leveraging concern over the virus itself, threat actors have thrived on the rapid dispersal of workforces and business operations and the resulting widened protection gaps and decreased visibility security teams have into their organizations’ attack surfaces. Attackers now have far more access points to probe or exploit, with little-to-no security oversight. Meanwhile, IT is standing up new systems, new access, and new channels at a breakneck pace. In many cases, they’re succumbing to human error, such as critical misconfigurations.
Attackers are searching for these entry points—unknown, unprotected, misconfigured, and unmonitored digital assets. Microsoft, for example, has seen one operation known as REvil, which targets vulnerabilities in VPN devices and gateway appliances to breach networks, and many other groups are operating the same way.
Given the recent successes of deploying ransomware via malware attacks, especially during pandemics, RiskIQ assessed in March that it was only a matter of time before cybercriminals returned to it. Now, ransomware attacks are rampant and will increasingly impact healthcare facilities and COVID-19 responders.
BleepingComptuer found that on March 24, cybercriminals targeted hospitals with Ryuk ransomware. Likewise, Forbes reported on March 23 that Hammersmith Medicines Research, a British medical facility on standby to test COVID-19 vaccines, was attacked by a ransomware group called Maze. Fortune also reported a rise in ransomware attacks against medical facilities.
In addition to having more targets, cybercriminals have, over the past few years, increased their capabilities. Today, ransomware is produced by hackers who have had years of virus development. These hackers can take advantage of industry-standard cryptography to attack their targets.
Against the backdrop of this ransomware “perfect storm,” RiskIQ’s Intelligence Investigation and Response (i3) Team studied 127 ransomware attacks between 2016 and 2019. Their latest Intelligence Brief is packed with insights into what is yet to come in the ransomware threat landscape, as well as strategies healthcare providers can use to protect their patients’ data now.
Get the threat brief to learn:
Download the brief here, and learn what your organization should be doing immediately to protect its growing attack surface here. Here, learn how RiskIQ is enabling the cybersecurity community during the COVID-19 crisis.
RiskIQ is the leader in attack surface management. We help organizations discover, understand, and mitigate exposures across all digital channels.
Exposed services show attacker activity—#phishing sources, hosts, #C2 servers, apps, code, and more. We graphed the internet for 10+ years to illuminate this infrastructure for #ThreatHunting. Sign up for RiskIQ Community Edition and see for yourself https://bit.ly/35wLffk
Microsoft Remote Desktop is spiking. Why? Because all work is now remote work and all access is now remote access. RiskIQ scans hundreds of ports and maps exposed services to provide security teams with a picture worth a thousand log lines. https://bit.ly/2xJ1Dgx
RiskIQ's #COVID19 Internet Intelligence Gateway will enable the cybersecurity community to fight a surge in pandemic-related cybercrime. Sign up, submit any suspicious COVID-19-related URL, and have RiskIQ's powerful global crawling network at your command http://bit.ly/3eon6ek
Via @InfosecurityMag, @DanRaywood highlights RiskIQ's new #COVID19 Internet Intelligence Gateway. This one-stop cybersecurity resource is the latest weapon in the fight against the surge in pandemic-related cybercrime. Read more here https://bit.ly/36ALU02