2nd Edition

Tracking the trends and news for IT and IT Security

Paul

Rapid7 Says ROI for Ransomware Remains High; Zero-Day Usage Expands

Rapid7 Says ROI for Ransomware Remains High; Zero-Day Usage Expands
– admin
The mid-year review of the threat landscape by Rapid7 highlights concerning trends. It reveals that ransomware continues to pose a significant threat, with a high number of victims globally in the first half of 2023. The report emphasizes that these figures are conservative and don’t account for organizations that quietly pay the ransom without reporting incidents. The success of ransomware attacks is attributed to the potential profit for criminals and the inadequate security measures adopted by many potential targets. The review identifies several factors contributing to this inadequate security posture. Firstly, nearly 40% of incidents occurred due to missing or insufficient implementation of multi-factor authentication (MFA). Secondly, the overall security maturity of many organizations remains low, with most failing to meet recommended security benchmarks. Finally, attackers continue to exploit old vulnerabilities successfully, highlighting the importance of timely patching. The report further notes that while new vulnerabilities are discovered and exploited, a considerable portion of widespread threats still rely on zero-day vulnerabilities. Exploit brokers on the dark web sell zero-day exploits for large sums of money, providing substantial returns on investment for cybercriminals. The report highlights the profitable nature of cybercrime by pointing out the potential earnings for ransomware gangs. Overall, the report paints a bleak picture of the cybersecurity landscape, with significant financial incentives for cybercriminals and organizations struggling to implement basic security measures. Factors such as cloud complexity, shortage of skilled cybersecurity professionals, and economic uncertainty further complicate the situation. However, the report emphasizes that organizations have the power to improve their security posture by implementing measures like MFA. In conclusion, the review underscores the importance of prioritizing basic security measures, patching vulnerabilities, and increasing security maturity to mitigate the growing threats in the cybersecurity landscape.
Link: https://www.securityweek.com/rapid7-says-roi-for-ransomware-remains-high-zero-day-usage-expands/

Categories:

Tags: