Targeted ransomware plagues government sector
In 2019, ransomware operators’ shift to a more targeted approach allowed them to orchestrate attacks where organizations’ critical assets, systems, and services were sought after and compromised to bountiful effect. This shift in strategy involved novel attack techniques that enabled them to perform actions such as swiftly moving laterally into the network and deploying as many pieces of malware as possible. One of the more notable techniques operators used in the past year involved compromising rarely targeted resources, such as domain controllers and active directories, in order to cause bigger disruptions and subsequently force affected organizations to give in to their demands.
The effectiveness of the overall shift in strategy was tested and proved in ransomware attacks on the government sector, which became something of a global phenomenon in 2019. This trend was particularly prominent in the U.S., where a number of high-profile ransomware attacks on government entities occurred.