• Support
  • Login
  • Contact
  • Blog
  • Support
  • Login
  • Contact
  • Blog
SecurityScorecard SecurityScorecard
  • Products
    PRODUCTS
    • Security Ratings
      Identify security strengths across ten risk factors.
    • Security Data
      Get actionable, data-based insights.
    • Security Assessments
      Automate security questionnaire exchange.
    • Attack Surface Intelligence
      NEW
      On-demand contextualized global threat intelligence.
     
    • Automatic Vendor Detection
      Uncover your third and fourth party vendors.
    • Cyber Risk Quantification
      Translate cyber risk into financial impact.
    • Reporting Center
      Streamline cyber risk reporting.
    • SecurityScorecard Marketplace
      Discover and deploy pre-built integrations.
    BUY NOW
    • Compare All Plans
      Choose a plan that's right for your business.
    • Try Free Account
      Make informed decisions with confidence.
    • Buy Pro Now
      Add automated event responses.
    • Buy Business Now
      Expand on Pro with vendor management and integrations.
    • Request Enterprise Demo
      See the capabilities of an enterprise plan in action.
    icon__SSClogoMark icon__SSClogoMark

    Understand and reduce risk with SecurityScorecard.

    Free account sign up
  • Services
    SERVICES NEW
    • Digital Forensics & Incident Response
      Prepare to respond to any threat.
    • Third-Party Risk Management
      Reduce risk across your vendor ecosystem.
    • Cyber Risk Intelligence
      Partner to obtain meaningful threat intelligence.
     
    • Penetration Testing
      Uncover your vulnerabilities before an attack does.
    • Red Team
      Use scenarios to perform a simulated attack.
    • Tabletop Exercises
      Test your incident response plan & bolster your readiness.

    Under Cyber attack?

    Contact us for immediate support if you believe your organization is the victim of a cyber attack.

    Contact Cyber 911 Team
  • Solutions
    BY USE CASE
    • Compliance
    • Cyber Insurance
    • Digital Forensics
    • Due Diligence
    • Enterprise Cyber Risk
    • Executive-Level Reporting
    • Incident Response
    • Regulatory Oversight
    • Third-Party Risk
    BY INDUSTRY
    • Critical Infrastructure
    • Enterprise
    • Financial Services
    • Government
    • Healthcare
    • Insurance
    • Retail & Consumer
    • Technology
    Help your organization calculate its risk
    View All Solutions
  • Customers
    OUR CUSTOMERS
    • Customer Overview
      Trusted by companies of all industries and sizes.
    • Peer Reviews
      Find out what our customers are saying.
    SUCCESS AND SUPPORT
    • Customer Success
      Receive award-winning customer service.
    • Support
      Get your questions answered by our experts.
    COMMUNITY
    • SecurityScorecard Connect
      Engage in fun, educational, and rewarding activities.
    • Connect Login
      Join our exclusive online customer community.
    icon__SSClogoMark icon__SSClogoMark
    Understand and reduce risk with SecurityScorecard.
    Free account sign up
  • Partners

    Partner Program Overview

    Partner with SecurityScorecard and leverage our global cybersecurity ratings leadership to expand your solution, deliver more value, and win new business.

    Learn more
    • Locate a Partner
      Access our industry-leading partner network.
    • Value-Added Resellers
      Enter new markets, deliver more value, and get rewarded.
    • Managed Service Providers
      Meet customer needs with cybersecurity ratings.
    • ISAC Partner Program
      Learn more about the industries we support and ISAC member benefits.
    • Technology Alliances
      Access innovative solutions from leading providers.
    • SCORE Portal Login
      Use the SCORE Partner Program to grow your business.
    • SecurityScorecard Marketplace
      Find a trusted solution that extends your SecurityScorecard experience.

    Understand and reduce risk with SecurityScorecard.

    Free account sign up
  • Resources
    RESOURCES
    • Resource Center
      Explore our cybersecurity ebooks, data sheets, webinars, and more.
    • SecurityScorecard Blog
      Read the latest blog posts published weekly.
    • Research & Insights Center
      Access our research on the latest industry trends and sector developments.
    • SecurityScorecard Academy
      NEW
      Complete certification courses and earn industry-recognized badges.
    TOOLS AND DOCUMENTATION
    • Free Security Rating
      Get your free ratings report with customized security score.
    • Product Release Notes
      Visit our support portal for the latest release notes.
    • Free Account Signup
      Start monitoring your cybersecurity posture today.
    • Chrome Extension
      NEW
      Show the security rating of websites you visit.
    • Assessments ROI Calculator
      Calculate the ROI of automating questionnaires.
    Trust begins with transparency. Take a look at the data that drives our ratings.
    Learn more
  • Company

    Working at SecurityScorecard

    Committed to promoting diversity, inclusion, and collaboration–and having fun while doing it.

    Join our team
    • About Us
      SecurityScorecard is the global leader in cybersecurity ratings.
    • Leadership
      Meet the team that is making the world a safer place.
    • Press
      Explore our most recent press releases and coverage.
    • Events
      Join us at any of these upcoming industry events.
    • Policy Insights
      Raising the bar on cybersecurity with security ratings.
    • Careers
      APPLY TODAY
      Come join the SecurityScorecard team!
    • Contact Us
      Contact us with any questions, concerns, or thoughts.
    • Trust Portal
      Take an inside look at the data that drives our technology.
    • Help Center
      We are here to help with any questions or difficulties.
Request a demo
SecurityScorecard SecurityScorecard
  • Support
  • Login
  • Contact
  • Blog
  • Support
  • Login
  • Contact
  • Blog
SecurityScorecard SecurityScorecard
  • Products
    PRODUCTS
    • Security Ratings
      Identify security strengths across ten risk factors.
    • Security Data
      Get actionable, data-based insights.
    • Security Assessments
      Automate security questionnaire exchange.
    • Attack Surface Intelligence
      NEW
      On-demand contextualized global threat intelligence.
     
    • Automatic Vendor Detection
      Uncover your third and fourth party vendors.
    • Cyber Risk Quantification
      Translate cyber risk into financial impact.
    • Reporting Center
      Streamline cyber risk reporting.
    • SecurityScorecard Marketplace
      Discover and deploy pre-built integrations.
    BUY NOW
    • Compare All Plans
      Choose a plan that's right for your business.
    • Try Free Account
      Make informed decisions with confidence.
    • Buy Pro Now
      Add automated event responses.
    • Buy Business Now
      Expand on Pro with vendor management and integrations.
    • Request Enterprise Demo
      See the capabilities of an enterprise plan in action.
    icon__SSClogoMark icon__SSClogoMark

    Understand and reduce risk with SecurityScorecard.

    Free account sign up
  • Services
    SERVICES NEW
    • Digital Forensics & Incident Response
      Prepare to respond to any threat.
    • Third-Party Risk Management
      Reduce risk across your vendor ecosystem.
    • Cyber Risk Intelligence
      Partner to obtain meaningful threat intelligence.
     
    • Penetration Testing
      Uncover your vulnerabilities before an attack does.
    • Red Team
      Use scenarios to perform a simulated attack.
    • Tabletop Exercises
      Test your incident response plan & bolster your readiness.

    Under Cyber attack?

    Contact us for immediate support if you believe your organization is the victim of a cyber attack.

    Contact Cyber 911 Team
  • Solutions
    BY USE CASE
    • Compliance
    • Cyber Insurance
    • Digital Forensics
    • Due Diligence
    • Enterprise Cyber Risk
    • Executive-Level Reporting
    • Incident Response
    • Regulatory Oversight
    • Third-Party Risk
    BY INDUSTRY
    • Critical Infrastructure
    • Enterprise
    • Financial Services
    • Government
    • Healthcare
    • Insurance
    • Retail & Consumer
    • Technology
    Help your organization calculate its risk
    View All Solutions
  • Customers
    OUR CUSTOMERS
    • Customer Overview
      Trusted by companies of all industries and sizes.
    • Peer Reviews
      Find out what our customers are saying.
    SUCCESS AND SUPPORT
    • Customer Success
      Receive award-winning customer service.
    • Support
      Get your questions answered by our experts.
    COMMUNITY
    • SecurityScorecard Connect
      Engage in fun, educational, and rewarding activities.
    • Connect Login
      Join our exclusive online customer community.
    icon__SSClogoMark icon__SSClogoMark
    Understand and reduce risk with SecurityScorecard.
    Free account sign up
  • Partners

    Partner Program Overview

    Partner with SecurityScorecard and leverage our global cybersecurity ratings leadership to expand your solution, deliver more value, and win new business.

    Learn more
    • Locate a Partner
      Access our industry-leading partner network.
    • Value-Added Resellers
      Enter new markets, deliver more value, and get rewarded.
    • Managed Service Providers
      Meet customer needs with cybersecurity ratings.
    • ISAC Partner Program
      Learn more about the industries we support and ISAC member benefits.
    • Technology Alliances
      Access innovative solutions from leading providers.
    • SCORE Portal Login
      Use the SCORE Partner Program to grow your business.
    • SecurityScorecard Marketplace
      Find a trusted solution that extends your SecurityScorecard experience.

    Understand and reduce risk with SecurityScorecard.

    Free account sign up
  • Resources
    RESOURCES
    • Resource Center
      Explore our cybersecurity ebooks, data sheets, webinars, and more.
    • SecurityScorecard Blog
      Read the latest blog posts published weekly.
    • Research & Insights Center
      Access our research on the latest industry trends and sector developments.
    • SecurityScorecard Academy
      NEW
      Complete certification courses and earn industry-recognized badges.
    TOOLS AND DOCUMENTATION
    • Free Security Rating
      Get your free ratings report with customized security score.
    • Product Release Notes
      Visit our support portal for the latest release notes.
    • Free Account Signup
      Start monitoring your cybersecurity posture today.
    • Chrome Extension
      NEW
      Show the security rating of websites you visit.
    • Assessments ROI Calculator
      Calculate the ROI of automating questionnaires.
    Trust begins with transparency. Take a look at the data that drives our ratings.
    Learn more
  • Company

    Working at SecurityScorecard

    Committed to promoting diversity, inclusion, and collaboration–and having fun while doing it.

    Join our team
    • About Us
      SecurityScorecard is the global leader in cybersecurity ratings.
    • Leadership
      Meet the team that is making the world a safer place.
    • Press
      Explore our most recent press releases and coverage.
    • Events
      Join us at any of these upcoming industry events.
    • Policy Insights
      Raising the bar on cybersecurity with security ratings.
    • Careers
      APPLY TODAY
      Come join the SecurityScorecard team!
    • Contact Us
      Contact us with any questions, concerns, or thoughts.
    • Trust Portal
      Take an inside look at the data that drives our technology.
    • Help Center
      We are here to help with any questions or difficulties.
Request a demo
SecurityScorecard SecurityScorecard
BLOG

10 Examples of Recent and Impactful Ransomware Attacks

Private: Jeff Aldorisio
02/24/2021

Ransomware has been a persistent threat for organizations across industries for many years now. As more businesses embrace digital transformation, the likelihood of being targeted in a ransomware attack has grown considerably. This is because the methods cybercriminals employ to carry out attacks are becoming more difficult to identify and manage.

With ransomware attacks growing in complexity, organizations must stay educated and up-to-date on the rising cost and frequency of an attack, as well as the best practices for protecting against these vectors.

Below, we break down key ransomware attack vectors you should be aware of as you build out organization-wide security strategies and monitor your cybersecurity posture.

What is a ransomware attack?

Ransomware is a type of malicious code designed to gain access to a network and encrypt files on a system. From there, a cyber adversary will hold the encrypted files hostage until a ransom is paid. Given the lucrative nature of these attacks, cybercriminals are constantly creating and testing new vectors and variants of ransomware. This has given rise to a new age of ransomware attacks that leverage advanced deployment techniques to avoid detection altogether. As sophisticated ransomware kits become cheaper and easier to obtain, staying protected is a top concern for businesses looking to grow their digital capabilities.

Types of ransomware vectors

Understanding the vectors cybercriminals use to gain access to a system is critical in better protecting against ransomware attacks.

Below are three common ransomware attack vectors:

1. Remote desktop protocol (RDP)

RDP is a protocol designed by Microsoft that allows users to connect to and carry out commands on a system remotely. The issue is that RDP security is heavily dependent on having strong password hygiene which is often ignored by users. This means that cybercriminals are often able to easily crack RDP credentials and gain access to a system. These credentials are also available for purchase on the Dark Web for those who don’t want to do the work.

2. Email phishing

Another popular ransomware vector is email phishing. Using social engineering tactics, cybercriminals will send emails to employees that appear to come from trusted sources. Once opened, the email will ask for employee credentials or to download malware onto the system. The key to mitigating phishing risk is working with employees to ensure that they understand how to spot illegitimate messages across all platforms of communication.

3. Software vulnerabilities

Exploiting software vulnerabilities is another common ransomware delivery method. Unpatched software creates gaps in security that open the door to malware intrusions. Not only does this expose organizations to increased levels of cyber threat activity, but it also makes them an easier target for attackers since they can gain access to unpatched systems without having to harvest credentials. To reduce this risk, make sure to establish a patch management schedule so that new system patches are implemented as soon as they are released.

10 ransomware examples

With the average cost of a ransomware attack having grown in 2020, it is important to have an understanding of the different ransomware variants that may be used to target your organization. Below is a list of ten of the most significant ransomware attacks throughout the 2010s:

1. CryptoLocker

Source: https://www.computerworld.com

CryptoLocker is a Trojan horse malware that was used between September 2013 and Late May 2014 to gain access to and encrypt files on a system. Cybercriminals would use social engineering tactics to get employees to download the ransomware onto their computers and infect a network. Once downloaded, CryptoLocker would display a ransom message offering to decrypt the data if a cash or Bitcoin payment was made by the stated deadline. While the CryptoLocker ransomware has since been taken down, it is believed that its operators extorted around three million dollars from unsuspecting organizations.

2. Locky

Source: https://www.zdnet.com

Locky was released in 2016 and is spread primarily through emails containing an infected Microsoft Word document. When a user opens the document, they will see unintelligible data and the phrase “Enable macro if data encoding is incorrect.” If they enable macros then the ransomware will be downloaded and begin encrypting files. After the encryption is complete, victims receive a message on how to pay the ransom and get their files back.

3. Petya

Source: https://blog.malwarebytes.com

Petya is a ransomware family that was first discovered in 2016. It targets Windows-based systems, infecting the master boot record to deliver a payload and encrypt hard drive files. Upon its download, Petya encrypts the Master File Table of the NTFS file system and then displays a message with ransom payment instructions.

4. Ryuk

Source: https://blog.malwarebytes.com

Ryuk is enterprise-focused ransomware designed and executed by the cybercrime group WIZARD SPIDER. Unlike traditional ransomware attack vectors, Ryuk leverages spear-phishing tactics to target high-ranking individuals within an organization. Once infected, organizations will receive a note named RyukReadMe.txt with details on ransom demands and where to send the payment. Since 2018, WIZARD SPIDER has made around $3.7 million in Bitcoin payments from this ransomware.

5. WannaCry

Source: https://www.zdnet.com

WannaCry is a unique ransomware case because once it infects a system, it is able to duplicate itself without changing files or affecting the boot sector of a computer. Due to its duplicative nature, WannaCry was responsible for a worldwide cyberattack in May 2017, infecting over 230,000 computers in less than a day.

WannaCry targets computers that are running outdated versions of Microsoft Windows, exploiting the EternalBlue vulnerability. Much of its success can be attributed to poor patching hygiene, highlighting the importance of regular patching.

6. Cerber

Source: https://www.varonis.com

The Cerber ransomware highlights the growing complexity of ransomware threats, as it is being distributed using the Ransomware-as-a-Service model. Cerber is easily accessible as anyone can use it as long as they share forty percent of profits with the distributors.

Cerber is primarily distributed using phishing tactics, and once downloaded begins to encrypt files while running in the background to avoid detection. Once the encryption is complete the users will find ransom notes with instructions for payment.

7. GandCrab

Source: https://www.malwarebytes.com

First discovered in January 2018, GandCrab targets vulnerabilities within the Microsoft Windows operating system. Similar to Cerber, GandCrab is run as a Ransomware-as-a-Service with users agreeing to split profits with the distributors. As with other ransomware attacks, GandCrab uses social engineering tactics to gain access. Once it has been downloaded, it will begin encrypting files for ransom.

8. Reveton

Source: https://www.knowbe4.com

Sometimes referred to as the “Police Trojan”, Reveton uses social engineering to trick users into thinking they have committed a crime. Victims will receive a message claiming their computer has been locked by a law enforcement agency and that must pay a fine in order to regain access.

9. SamSam

Source: https://www.bankinfosecurity.com

Unlike most ransomware variants, SamSam uses remote desktop protocol exploits as well as brute-force tactics to steal credentials. SamSam only targets JBoss servers so if you use JBoss, make sure to keep up to date with their patch releases.

What makes SamSam particularly dangerous is the fact that it assumes administrator rights before downloading the malware onto a system. This means that victims do not have to download a file to be compromised, making it extremely difficult to track.

10. SimpleLocker

Source: https://thehackernews.com

Unlike the ransomware discussed above, SimpleLocker targets mobile devices running on the Android operating system. It is delivered using a Trojan downloader which has made it difficult to counter.

While this is the first identified Android ransomware, it will not be the last. To avoid infecting your device, make sure you only download apps from established stores such as the Google Play Store or the App Store.

How SecurityScorecard can help defend against ransomware attacks

To protect against ransomware threats you need complete visibility into your internal and third-party network environments. SecurtyScorecard’s Security Ratings offer an extra layer of protection by providing organizations with real-time vulnerability alerts, allowing them to actively address ransomware vectors as they arise. Our platform uses a simple A through F scale to rank vulnerabilities so that you can quickly visualize your organization’s security posture and prioritize threat remediation.

With Security Data, organizations can leverage cybersecurity data to gain insights into critical vulnerabilities within their enterprise ecosystems. SecurityScorecard’s global security threat intelligence engine continuously collects and analyzes a broad range of highly relevant, cybersecurity signals, allowing you to address ransomware threats in real-time.

Ransomware attacks are not going away anytime soon so it is essential that organizations take steps to defend against them. With SecurityScorecard, you have access to the tools you need to continuously monitor for and stay ahead of ransomware threats as your business embraces digital innovation.

Return to Blog
Join us in making the world a safer place.
FREE ACCOUNT SIGN UP
Products
Solutions
Customers
Marketplace
Partners
Resources
Company
Trust Portal
Security Ratings
Login
Blog
Contact
Careers

SecurityScorecard
Tower 49
12 E 49th St
Suite 15-100
New York, NY 10017

[email protected]

United States: (800) 682-1701
International: +1(646) 809-2166
Social-linkedin Social-facebook Twitter Instagram Youtube