• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • COVID-19 Update
  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Subscribe
  • Project of the Week
  • Latest News
  • About Us
    SEARCH
IT Infrastructure, Network Security, News

What Is The Ideal Ransomware Victim?

Lucrative organizations in the U.S. leveraging remote work technologies are the ideal ransomware victim, says cyber firm KELA.

September 7, 2021 Zachary Comeau Leave a Comment

Ransomware

According to a new report, the ideal ransomware victim is in a lucrative commercial market in a wealthy country that uses remote desktop protocol or a VPN.

Cybersecurity firm KELA’s report cited activity from July 2021 that indicated ransomware attackers prefer organizations in specific geographies and markets, and prefer very specific products for initial network access.

Specifically, organizations in the U.S. with revenue of ore than $100 million are the most sought-after targets, according to KELA’s report.

Those products most ransomware actors prefer to leverage in an attack, according to KELA’s report, include solutions offered by Citrix, Palo Alto Networks (specifically GlobalProtectVPN), VMware (EXSi), Fortinet and Cisco.

“For suitable victims, ransomware attackers are ready to buy all kinds of network accesses, with RDP and VPN being the most basic requirement,” KELA said in the report.

Most attackers say the level of privileges accessed does not matter, but some did say they prefer domain admin rights.

Ransomware actors have been known to attack nearly every sector, but KELA’s report suggests they try to avoid some due a moral code.

Listen: The Growing Threat of Ransomware

Based on hacking message boards, education, healthcare, government and nonprofit are the most blacklisted sectors for ransomware actors, with 47% refusing to buy access to companies from healthcare and education.

Another 37% prohibited attacking the government sector and 26% said they will not purchase access to non-profit organizations.

“When actors prohibit healthcare or non-profit industries offers, it is more likely due to the moral code of the actors,” the report said. “When the education sector is off the table, the reason is the same or the fact that education victims simply cannot afford to pay much. Finally, when actors refuse to target government companies, it is a precaution measure and an attempt to avoid unwanted attention from law enforcement.”

KELA also found that ransomware actors like to target companies based in the U.S. the most, with 47% of actors mentioning the country. Other top counties are Canada (37%), Australia (37%) and European countries (31%).

Not surprisingly, Russia and other Russian-speaking countries are also blacklisted. Most experts believe most ransomware activity originates from Russia or other post-Soviet countries.

KELA’s report includes three key steps to help protect against ransomware attacks, including:

  • Cybersecurity awareness and training for everyone in the organization so everyone can spot suspicious activity, phishing emails or unusual requests.
  • Regular vulnerability monitoring and patching to protect the entire network infrastructure and prevent unauthorized access.
  • Targeted and automated monitoring of key assets to detect threats.

Tagged With: ransomware

Related Content:

  • Log4j, Most Exploited Vulnerabilities Log4Shell Exploitation Continues, Agencies Warn
  • Microsoft TAP Microsoft Releases Temporary Access Pass For Time-Limited Passcodes
  • Owl Labs' Meeting Owl 3 Owl Labs Launches Meeting Owl 3 Camera Device,…
  • Microsoft Servicing Profiles Admins Now Have More Control Over Microsoft 365…

Free downloadable guide you may like:

  • Windows 11Blueprint Series: Upgrading to Windows 11

    Upgrading end users to Windows 11 could be one of the most challenging tasks IT has to face in the coming years. Although the new version is touted to provide many benefits, including some important security enhancements, when and how to roll out the upgrade will vary significantly by organization.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Windows 11
Blueprint Series: Upgrading to Windows 11

Upgrading end users to Windows 11 could be one of the most challenging tasks IT has to face in the coming years. Although the new version is touted...

The State of the IT Department in 2022

The role of the IT professional has shifted from one that supports the business to one that is deserving of a seat at the table when it comes to ma...

Hybrid Work Challenges
The Three Most Common Hybrid Work Challenges Two Years Into the Pandemic

Many of us have been working in a hybrid environment for two years now. Our editors thought this would be a good time to take a look at what’s work...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Media Solutions & Advertising
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSTERMS OF USEPRIVACY POLICY

© 2022 Emerald X, LLC. All rights reserved.