Ransomware gangs increasingly targeting virtualization platforms says study 

    A study conducted by Cybersecurity Firm Mandiant confirms that ransomware actors are increasingly targeting virtualization platforms to extort ransom in large amounts. A report released on this note confirmed that most of the targeted environments are the one operating on Vmware.

    M-Trends 2022 report not only disclosed what threat actors are doing, but has also offered ways to mitigate risks.

    The year 2021 witnessed an increase in ransomware attacks on Corporate IT environments. And from early 2022, the focus of the cyber criminals has shifted towards core business environments such as virtualization as any attack on such operations will lead to complex IT disasters.

    Mandiant researchers claim that most of the threat actors such as Hive, Conti, Blackcat and Darkside are only targeting VMware vSphere and ESXi platforms. And they are some strategies to mitigate risks.

    Another study made on corporate IT environments by Enterprise Strategy Group (ESG) states that over 79% of organizations have experienced a ransomware attack in the past year. And nearly half of them admitted that their business was financially affected by such attacks.

    Interestingly, nearly half of the victims have set up cryptocurrency wallets to pay ransom for the future. And that about 30% of them have sought cyber insurance as a cover to business loss, just in case another digital assault strikes them.

    The figure reveals us the mindset of most of the CIOs, CTOs and the business heads of technology companies. Means, they are just interested in freeing up their data from encryption, instead of proactively investing on threat monitoring and detection tools.

    Note– If the victim pays ransom; there is no guarantee that the cyber criminal group will return the decryption key for sure. Such activities encourage crime and so the United States FBI is urging victims not to pay any ransom and instead seek the help of the law enforcement.


    Naveen Goud
    Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

    No posts to display