27th September 2021, Kathmandu
According to the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI), the Conti ransomware attacks have increased in the U.S and international organizations.
With Conti ransomware attacks, attackers get access to an unprotected RDP port, malicious attachments, downloads, email phishing, or vulnerabilities to gain access to a network. These attacks steal data, workstations, encrypt servers, and demand ransom.
Mitigations
The recommendations issued by CISA, FBI, and NSA that network defenders must apply to avoid the risk of Conti ransomware attacks are as follows:
- Deploy multi-factor authentication.
- Implement network partition and filter traffic.
- Avoid insecure communication between networks.
- Implement spam filters to prevent phishing emails.
- Scan vulnerabilities and updating software.
- Implement software restrictions policies.
According to a report from Sonicwall, ransomware attacks have increased in a rapid way. Over 304.7 million ransomware attacks were performed globally in H1 2021, exceeding 304.6 million attacks in 2020, as a 151% increase. High-profile extortion attacks on Colonial Pipeline, JBS Foods, energy sectors, and the recent Kaseya attack have severely affected operations of organizations across the world.
Rewards for Justice Reporting
The U.S. Department of State offers a reward of up to $10 million for reports of foreign government malicious activity against U.S. critical infrastructure.
