The number of targeted ransomware attacks is increasing in Europe, according to security researchers. In order to maximize damage or profit, attackers move in phases. Endpoints and other systems connected to the Internet are also more vulnerable than ever. These tend to be legacy vulnerabilities that administrators overlook.

These are some of the findings of a Cyber Security Threat Assessment and Advisory Report (in Dutch) by Pinewood, a security company in the Benelux. Experts share their views on cyber security in the report, supplemented with research figures from Pinewood's Security Operations Center.

As opposed to the past, when attackers used to mainly shoot hail, they are increasingly trying to enter through a targeted approach, and then hunt for vulnerabilities around an IT infrastructure. In this way, criminals can penetrate personal or otherwise sensitive information, increasing the likelihood that targets will pay faster. Companies have difficulty identifying these risks properly.

It is debatable whether companies should pay for ransomware attacks. As Pinewood's SOC specialists have found, paying is not really an option since there is no guarantee of a solution. Layered security, current scenarios that are frequently practiced, detection and awareness among employees, current backups, and segmenting the network can provide good protection against the greatest risks.

Cybercrime is becoming increasingly organized. As chain attacks become more common, different cybercriminals are taking part in a longer attack chain. This increases the difficulty of tracing criminals. According to the report, companies and governments need to act and collaborate better in areas of prediction, detection, and response, so that chain attacks can be stopped at any stage.

Photo credit: Kaur Kristjan