HomesecurityRansomware: Common ways hackers invade a network

Ransomware: Common ways hackers invade a network

Phishing and brute force attacks on exposed Remote Desktop Protocol (RDP) services are the most common methods used by hackers to gain a foothold in corporate networks to lay the groundwork for ransomware attacks.


See also: DoppelPaymer has been renamed Grief ransomware

Coveware cybersecurity researchers analyzed ransomware attacks in the second quarter of this year and detailed how phishing and RDP attacks are the most popular entry points for ransomware attacks.

Phishing attacks - where cybercriminals send emails containing malicious attachments or target victims on a compromised ransomware site - have risen slightly in popularity in the last quarter, accounting for 42% of attacks.

See also: Haron & BlackMatter: The new ransomware groups that July "brought"

Meanwhile, attacks on RDP services, where cybercriminals impose weak or default usernames and passwords - or sometimes gain access to legitimate credentials via phishing emails - remain extremely popular with ransomware groups, which account for 42% of attacks.

See also: LockBit ransomware: Encrypts Windows domains using group policies

Both phishing and RDP attacks remain effective, as they are relatively simple to execute cybercriminals, but, if successful, can provide a gateway to an entire corporate network. Violating RDP credentials is especially useful because it allows intruders to enter the network with legitimate connections, making it harder to detect malicious activity.

Source of information:

Teo Ehc
Be the limited edition.