Conti reforms into several smaller groups: are they now more dangerous than ever?

The cybercrime group has disbanded, but still may pose a severe threat to a number of businesses in a different way.

On May 19, 2022, Advanced Intel discovered that the hacking group Conti had taken the majority of its infrastructure offline. The risk management company had been tracking Conti for some time and found that on that day the group’s website and negotiation services site were both taken down. While this may seem like good news at first glance, the restructure into smaller cybercrime groups may make the members even more dangerous.

This is due in large part to smaller groups of tech terrorists allowing the global gang to do even more damage. Conti had already gained a reputation within the healthcare sector through previous attacks and had posted anti-U.S. sentiment to its blog, making the group a target for American authorities.

“It is not surprising that they are trying to avoid being chased by splitting into smaller groups, even more now that the U.S. government has issued a $15 million warrant for information that allows them to capture the heads,” said Ricardo Villadiego, founder & CEO of cybersecurity firm Lumu. “In addition, it is well-known that [Conti] has partnered with other threat actors in the past to achieve their goals. In fact, some members of the Conti operation were part of the REvil and BlackMatter operation.”

Why is Conti more of a threat now?

By splitting up, Conti’s now-former members are making it more difficult to pinpoint how and where attacks will come from. This allows the former members to evade potential capture by partnering with existing groups, such as BlackCat or REvil, to boost their operations.

Villadiego’s company, Lumu, has a history of dealing with Conti by detecting and eradicating malware used by the group, such as Emotet and Cobalt Strike, before a compromise has happened. He says that the effect these attacks have on organizations can be devastating, with smaller businesses bearing the brunt because they lack the necessary security measures or budget to fight off cybercriminals.

“Ransomware attacks have evolved in the last couple of years and that evolution requires specialization,” he said. “Emotet started as a banking trojan and now it is used as a precursor malware as it enables ransomware groups to pave the road, spread through the organizations, and control as many assets as possible so they can increase the disruption that they cause. However, since Conti group is a Ransomware as a Service (RaaS) organization, they used to partner with Emotet developers to tailor the malware to each attack, which allowed them to focus on what was important for them—create disruption, exfiltrate information, and get money from their victims.”

How to avoid being victimized by Conti’s malware

According to Villadiego, time is of the essence when it comes to avoiding falling victim to a cyberattack. That means detecting and rooting out the collection of incidents and threats that seemed inoffensive at first but were not addressed properly or in time. By finding an adversary in the system as early as possible, businesses can avoid a devastating ransomware attack.

“The most effective way to contain the impact is to intentionally monitor the network because regardless of the attack, the adversary must always use the network and a network that is compromised behaves differently than a network that is not,” Villadiego said. “In our case, we help organizations systematically collect and analyze a broad range of network metadata, and this is the gold mine. The network metadata will tell you exactly how and when the adversary is getting in and what they are trying to do so you can employ a precise response against that particular threat.”

Through intentional and continuous monitoring, enterprises can remain vigilant when it comes to preventing these types of attacks. Additionally, employing a zero-trust architecture can assist with monitoring, as every item would be verified before being allowed into a network or device.

“If you are able to mitigate and eradicate all contacts with the adversary and do so timely, you are in a much better position to avoid the worst-case-scenario—which is what we so often see on the news. We work with more than 2,500 organizations of all sizes and have found that this is the best strategy,” Villadiego said.
