Remote Encryption Attacks Surge: How One Vulnerable Device Can Spell Disaster
Dec 20, 2023
Network Security / Data Breach
Ransomware groups are increasingly switching to remote encryption in their attacks, marking a new escalation in tactics adopted by financially motivated actors to ensure the success of their campaigns. "Companies can have thousands of computers connected to their network, and with remote ransomware, all it takes is one underprotected device to compromise the entire network," Mark Loman, vice president of threat research at Sophos, said . "Attackers know this, so they hunt for that one' weak spot' — and most companies have at least one. Remote encryption is going to stay a perennial problem for defenders." Remote encryption (aka remote ransomware), as the name implies, occurs when a compromised endpoint is used to encrypt data on other devices on the same network. In October 2023, Microsoft revealed that around 60% of ransomware attacks now involve malicious remote encryption in an effort to minimize their footprint, with more than 80% of all compr