The prevalance of ransomware is once again on the rise, jumping from the 22nd to the 5th most common type of malware, according to Verizon. That’s a reverse of the trend we saw in 2022. Key industries targeted by ransomware include public administration, healthcare, and financial services. 

A new study in the JAMA Health Forum says ransomware cases, aimed at hospitals, “more than doubled since 2016, exposing the personal health information of nearly 42 million patients. During the study period, ransomware attacks revealed larger quantities of personal health information and grew more likely to affect large organizations with multiple facilities.

Exploit kits for hackers are using ransomware-as-a-service

Ransomware-as-a-service, a commodified form of malware, offers lucrative extortion capabilities to anyone who can purchase it. The exploit kits used have evolved from Angler to Neutrino to RIG. According to Recorded Future, the latter can be rented for $200 per week as a crimeware-as-a-service. These exploit kits are delivered via phishing, accounting for 21% of incidents. Ransomware phishing emails often target employees in human resources and accounting departments, as they frequently open attachments.

Heimdal Security states that the RIG exploit kit detects eight vulnerabilities in unpatched software and downloads the Cerber ransomware onto a target system. Once the ransomware infects a victim's system, it encrypts their data and locks them out until they pay a ransom to decrypt their files. While the vulnerabilities constantly change, as of January 2023, they included flaws affecting Adobe Flash Player, Microsoft Edge, Internet Explorer, and Microsoft Silverlight.

Duo's 2016 Trusted Access Report: Microsoft Edition says almost 2/3rds of devices running Internet Explorer had an outdated version of Flash installed, potentially making them susceptible to known vulnerabilities in the RIG exploit kit. Research from Cisco's Talos Intelligence Group on RIG payloads and user agent information indicates that the most commonly exploited victims include users browsing with Internet Explorer on Windows platforms.
When hackers gain entry to a system, shared passwords make it easier for them to access other parts of the network. A single security incident can quickly escalate into a full-blown breach if a hacker discovers a document full of shared passwords in one employee's Google account. This compromises the organization's security and can lead to legal issues if customers' privacy rights are violated.

To ensure personnel is informed about the latest cyber threats and follow the best practices for online security to minimize their risk of falling victim to cyber-attacks and protect their personal information, Aware Force offers a whole library of cyber content tailored for your needs and branded for your organization. Check our Cybersecurity Library page to get to know more or connect with us. You'll see why organizations across the US and Canada use topical cybersecurity content — branded for them — delivered year-round by Aware Force.