Excerpts from Modern Bank Heists – Ransomware

Share and earn Cybytes
Facebook Twitter Google+ LinkedIn Email

Carbon Black recently published a report on the latest ransomware attack methods, and how to counteract them. For more information about how Cb Defense, Carbon Black’s NGAV + EDR solution, helps enterprises address their endpoint security challenges, check out our weekly Cb Defense Live Demo, every Wednesday at 2PM EST, 11AM PST.

Modern Bank Heists

Cyberattacks & Lateral Movements in the Financial Sector


90% of financial institutions reported being targeted by a ransomware attack during the past year. CryptoLocker. GoldenEye. Locky. WannaCry. 2017 was, perhaps, the most notorious year on record for ransomware. Even a casual news consumer can identify the menacing ransomware attacks that have cost worldwide businesses as much as $1 billion in 2017, according to FBI data. Financial institutions are clearly not immune. The overwhelming majority of CISOs in our survey reported seeing some kind of attempted ransomware attack during the past year.

This is not surprising. Last year, Carbon Black researchers monitored 21 of the largest dark web marketplaces for new, virtual offerings related to ransomware. Our research found a 2,502% increase in the sale of ransomware on the dark web. This increase is largely due to a simple economic principle – supply and demand. Cybercriminals are increasingly seeing opportunities to enter the market and looking to make a quick buck via one of the many ransomware offerings available via illicit economies. In addition, a basic appeal of ransomware is simple: it’s turnkey. Unlike many other forms of cyberattacks, ransomware can be quickly and brainlessly deployed with a high probability of profit. In our previous report, we found more than 6,300 estimated dark web marketplaces selling ransomware, with more than 45,000 current listings.

For ransomware authors, successful creation and selling of ransomware offerings appears to be fruitful. Based on our research, some ransomware sellers are making more than $100,000 per year simply retailing ransomware. In some instances, this is double the salary for legitimate software developers, who pull in an average of $69,000 a year, according to PayScale.com. (In Eastern Europe developer salaries are a bit lower, hovering around $45,000.)

That being said, the true untouchable hackers are becoming punitive. Several survey respondents (1 in 10) reported encountering destructive attacks unrelated to ransomware. The “bank heist” is becoming a hostage situation. We will continue to track this trend in future reports.



Listen to our security experts at Carbon Black and Network Security Engineer Christopher St. Amand at PeoplesBank during a recent webinar where we discussed the benefits of cloud-based security platforms and how they apply to your specific needs.

Watch Now

Thanks for joining us as we explored “Modern Bank Heists,” our report on the changing landscape of cybercrime in the financial sector and how to arm your institution against a breach. You can click here to get a copy of the full report. Join us next week as we continue to profile this report.

The post Excerpts from Modern Bank Heists – Ransomware appeared first on Carbon Black.

Share this post and earn Cybytes
Facebook Twitter Google+ LinkedIn Email
About Carbon Black, Inc.
Carbon Black is the leading provider of next-generation endpoint security. Carbon Black’s Next-Generation Antivirus (NGAV) solution, Cb Defense, leverages breakthrough prevention technology, “Streaming Prevention,” to instantly see and stop cyberattacks before they execute. Cb Defense uniquely combines breakthrough prevention with market-leading detection and response into a single, lightweight agent delivered through the cloud. With more than 7 million endpoints under management, Carbon Black has more than 2,500 customers, including 30 of the Fortune 100. These customers use Carbon Black to replace legacy antivirus, lock down critical systems, hunt threats, and protect their endpoints from the most advanced cyberattacks, including non-malware attacks.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?