Attacks on authentication turn ransomware from disruption to disaster

SC StaffOctober 5, 2020
Garmin reportedly paid cybercriminals millions of dollars following a WastedLocker ransomware attack that shut down its systems for several days. Today’s columnist, Andy Jaquith of QOMPLX, offers security pros insight into how ransomware cases have gone from disruption to disaster – even a recent death in Germany. (Photo Credit: Frederic J. Brown/AFP via Getty Images)
  1. Get In: Find an external weakness, or phish an employee.
  2. Spread: Forge or steal credentials to gain domain administrator privileges, move laterally, and push ransomware out globally.
  3. Profit: Extort a king’s ransom—or else burn the target’s Windows assets to the ground.