Ransomware Groups Target More Vulnerable Countries for Practice

People say that practice makes perfect, and it turns out hackers believe in that as well. Before trying their luck with Western countries that are shielded by better cybersecurity, hackers would use developing countries for a practice run.

Hacker Attack
Getty Images

Hackers Targeting Developing Countries

Not all countries have the same level of cybersecurity as some systems are harder to penetrate than others. Cyberattackers are well aware of that fact and are exploiting it for practice. Before moving on to harder targets, ransomware groups are infiltrating other systems.

The new strategy involves businesses from countries in Africa, Asia, and South America. "Adversaries are using developing countries as a platform where they can test their malicious programs before the more resourceful countries are targeted," cybersecurity firm Performanta expressed.

Some of the recently breached targets include a Senegalese bank, a financial services company in Chile, a tax firm in Colombia, and a government economic agency in Argentina, as reported by Ars Technica.

The research regarding the new ransomware tactics was prompted by an uptick in cyberattack cases since 2020, which has doubled even before the pandemic. The attacks were exacerbated by the growing digitization of data and good internet networks, but "inadequate" protection, the IMF stated.

The reported losses have already grown to $28 billion, along with billions of data stolen or compromised. Even with the estimated damages, the IMF believes that the costs of the attacks are "substantially higher."

Among the ransomware groups, Medusa began to attack businesses in South Africa, Senegal, and Tonga by stealing and encrypting data last year. It has already conducted 99 cyberattacks in the US, the UK, Canada, Italy, and France.


How to Prevent Ransomware Attacks

Company systems, especially those that hold sensitive customer data need to have stronger cybersecurity measures in place to avoid such incidents. However, strong systems are not enough as employees will have to be educated about how they can be used to infiltrate the system.

For instance, there have been cases where hackers got into company systems by sending phishing emails to employees. Infected links can be attached to messages that appear as business-related emails.

To fight against potential encryption ransomware, businesses should practice backing up their data, eliminating the leverage of locked files. It would also be advisable to keep all systems and software updated to get the latest patches and fixes.

As suggested by UpGuard, Endpoint security should be a priority for businesses, especially developing ones. The more employees there are, the more endpoints hackers can breach into. This can be avoided by installing endpoint protection platforms (EPP) or endpoint detection and response (EDR).

Application whitelisting can also be an effective method to avoid getting infected by corrupted websites and files. It will determine which applications can be downloaded and executed in certain networks, serving as the first line of defense in cases like this.

It's important to run regular security testing to determine whether new security measures need to be implemented. As cyberattacks continue to evolve, security measures need to keep up as well.

© 2024 iTech Post All rights reserved. Do not reproduce without permission.

More from iTechPost

Real Time Analytics