Ransomware attacks in 2018 used Remote Desktop Protocol (RDP) as a main attack vector, according to a Webroot report.
While ransomware attacks decreased in 2018, they also became much more targeted, according to the 2019 Webroot Threat Report released Thursday. The report analyzed the most prominent cybersecurity threats over the course of 2018, showing organizations where to exercise the most caution this year.
Ransomware is a form of malware in which hackers infiltrate a device and its data, demanding payment in exchange for the information. This form of attack has gained traction in the past few years, especially for SMBs that don’t have the tools to adequately protect themselves.
SEE: Information security policy template download (Tech Pro Research)
Because of how widespread ransomware attacks have been in the past, many companies took note, implementing tools and applications to help protect their data. However, by making it more difficult for cyberattackers to access information, ransomware attacks only became more strategic and targeted, the report found.
“We wax poetic about innovation in the cybersecurity field, but you only have to take one look at the stats in this year’s report to know that the true innovators are the cybercriminals,” said Hal Lonas, CTO of Webroot, in a press release. “They continue to find new ways to combine attack methods or compromise new and existing vectors for maximum results. My call to businesses today is to be aware, assess your risk, create a layered approach that protects multiple threat vectors and, above all, train your users to be an asset—not a weak link—in your cybersecurity program.”
One of the most popular attack vectors of 2018 utilized Remote Desktop Protocol (RDP) connections, using tools such as Shodan to locate systems with faulty or inadequate RDP settings, the report found.
In addition to ransomware threats, the report also detected an increase in cryptomining and cryptojacking techniques. These types of attacks don’t have to wait on a user to pay a ransom, like ransomware does, allowing the attacks to be executed quicker, the report added.
For advice on how to recover from cybersecurity incidents, check out this article from TechRepublic.
The big takeaways for tech leaders:
- As cybersecurity efforts improved in organizations, ransomware strategies became more targeted. — Webroot, 2019
- Ransomware hackers typically used Remote Desktop Protocol (RDP) in 2018 attacks. — Webroot, 2019