Why 8base ransomware is a wake-up call to SMEs – BusinessCircle
– Ankita Agrawal
Summary: The research from Avast indicates that SMEs in the UK have become a target for ransomware operators, with nearly half of them paying to regain access to their data. 8base is a new and rapidly growing ransomware operator that emerged in March 2022.
It primarily targets SMEs offering business services, finance, manufacturing, and IT.
The malware is delivered through phishing emails, and it uses various techniques to infect the enterprise, including modifying registry keys, using malware families like SmokeLoader and SystemBC, and utilizing Initial Access Brokers (IABs).
It employs tactics to evade defenses, such as process injection, pretending to be a legitimate binary process, and disabling security processes. 8base encrypts files, deletes backups, and inhibits system recovery.
To detect and mitigate such attacks, organizations should focus on logging, visibility of assets, and monitoring systems, including using SIEM platforms and additional features like SOAR, UEBA, and EDR.
Implementing cybersecurity hygiene practices, such as phishing training, access controls, data backups, network segmentation, software updates, and regular incident response checks, can also help prevent ransomware attacks.
The emergence of 8base highlights the need for SMEs to strengthen their security controls.
Link: https://businesscircle.co/2023/09/24/why-8base-ransomware-is-a-wake-up-call-to-smes/