Recently, the FBI issued a warning about a new type of cyber attack called “Dual Ransomware” attacks. These attacks hit the same victim twice within a timeframe of 48 hours to 7 days. The consequences of such attacks include financial losses, theft of sensitive information, and the complete lockdown of data access.
The exact motivations behind these attacks are still unclear. However, security analysts believe that factors such as inadequate technical support, misconfigurations in applications or cloud environments, and the absence of a business continuity plan may contribute to their prevalence.
According to a survey conducted by a dark web-affiliated hacking group, nearly 19 companies have fallen victim to dual ransomware attacks since July 2023. Even Fortune 500 companies have not been spared from these attacks.
Interestingly, these attacks have not been officially documented. They only came to light when affected companies sought help from freelance forensic experts to negotiate with the hackers.
The culprits behind these attacks remain unknown, but there are suspicions that Ransomware-as-a-Service (RaaS) groups may be involved. These groups may either directly orchestrate the attacks or have connections to the encryption code used.
Researchers have traced the origins of dual encryption as a criminal tactic to 2020-21, coinciding with the COVID-19 pandemic and the rise in remote work culture.
To defend against these attacks, robust identity and access management is crucial. This includes using strong passwords, deploying multi-factor authentication, and applying time-based access controls to administrative accounts. Other essential security practices include keeping operating systems up to date, updating antivirus solutions regularly, securing network protocols, patching firmware vulnerabilities, disabling unused ports, and monitoring activity on Bring Your Own Device (BYOD) devices.
– Dual ransomware attacks target the same victim within a specific timeframe.
– Inadequate technical support and misconfigurations may contribute to these attacks.
– Nearly 19 companies, including Fortune 500 companies, have fallen victim to dual ransomware attacks.
– The involvement of Ransomware-as-a-Service (RaaS) groups is suspected.
– Dual encryption as a criminal tactic emerged during the COVID-19 pandemic.
– Robust identity and access management measures are crucial for defense against these attacks.