One-in-three organizations reported experiencing attempted ransomware attacks every week, with 9% noting that they have been attacked more than once daily, while 53% have been affected by a ransomware attack during the past year and a half, according to TechRepublic.
Email was the most commonly cited entry point for ransomware attacks, followed by desktop browsers and mobile devices, a report from Menlo Security revealed. Moreover, evolving threats and remote workers were named as the biggest challenges in ransomware defense.
The report also showed that 45% of IT security decision-makers in U.S. and U.K. enterprises noted that a data backup and recovery plan is being adopted following a ransomware attack, while 39% assess the attack's impact and 37% isolate impacted endpoints. Meanwhile, 65% of respondents expressed willingness to pay demanded ransoms, with 31% noting that the payment should be shouldered by their cyber insurance provider.
Menlo Security Senior Director for Cybersecurity Strategy Mark Guntrip noted that ransomware attacks are best prevented prior to the initial intrusion.
"If the threat can be prevented at this point it means that the rest of the infection chain never happens," Guntrip added.
New attacks by Chinese state-backed threat operation Camaro Dragon, which overlaps with Mustang Panda, have involved the novel Go-based TinyNote malware, which creates various persistency tasks to ensure host access despite its lacking sophistication, according to The Hacker News.
News media organizations, academic entities, and think tanks have been warned by U.S. and South Korean intelligence agencies regarding the cyberespionage attacks by North Korean state-sponsored hacking operation Kimsuky, also known as TA406 and Thallium, reports The Record, a news site by cybersecurity firm Recorded Future.