Ransomware is hitting the financial services industry harder than ever before, a new report has claimed.
Findings from Netskope Threat Labs claims that the financial sector remains “one of the most attacked sectors by ransomware groups,” who mostly use trojans to breach systems and deploy encryptors.
Of all the groups engaged in ransomware, two particularly stand out, Netskope says Cl0p and LockBit. The former made headlines last year after exploiting a vulnerability in the MOVEit managed file transfer service to compromise hundreds of organizations around the world and steal terabytes of data.
Cl0p and LockBit
Some researchers claim the group’s activities affected almost a thousand organizations and more than 60 million people.
LockBit, on the other hand, established itself as one of the biggest ransomwareasaservice providers, affecting many highprofile organizations. Despite the recent takedown of dozens of its servers, the group has now apparently reemerged with another data leak website and new victims listed.
Netskope’s report also found that Microsoft One Drive and Sharepoint, as well as GitHub, are some of the most popular targets for abuse to spread malware, and have been since September last year.
Sharepoint has proved more popular within the financial sector than in other industries, which Netskope claims is mainly due to the popularity of Redmond’s video conferencing service Microsoft Teams, which makes use of Sharepoint for file sharing purposes.
He added, “What is interesting to see is that the financial sector remains one of the most attacked sectors by ransomware groups with a focus on the exploitation of vulnerabilities at scale.”
Passeri also believed that the statistics should serve as a salutary lesson: “Every organization should take the time to assess and secure their own infrastructure and [remember] that simple operational mistakes could expose you to significant threats.”