When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.

As businesses navigate the digital landscape, the threat ofransomwareis rising.

Every day brings innovative techniques for cyber criminals to perform more advanced and complex attacks.

A dark figure in a hoodie representing a hacker.

Organizations must be aware of these evolving techniques and adapt their defense strategies accordingly.

Offensive Research Evangelist, CyberArk Labs.

They employ many different tactics, techniques and procedures to advance their missions, including the examples highlighted below.

Initial Infection: Securing initial access presents a diverse range of options for attackers.

Some opt for exploiting vulnerabilities, utilising common vulnerability exploitations (CVEs) against susceptible targets.

Others resort to stealing, forging, altering or manipulating cookies from users' web sessions.

Alternatively, they employ phishing emails to deceive users into downloading genuine applications.

Persistence: Attackers leverage legitimate software to establish backdoors, ensuring persistence and command and control.

Many default software programs on a machine become potential targets for hijacking, guaranteeing the execution of malicious programs.

Lateral Movement: Certain tools inadvertently facilitate malicious privilege escalation and lateral movement.

Legitimate access to encrypted data can be compromised to bypass encryption controls.

Data Exfiltration: Ransomware operators employing double-extortion techniques often utilize legitimatebackup softwaretools or similar programs for data exfiltration.

Malicious actors are also adapting their tools to target multiple platforms and operating systems.

For instance, they employ the cross-platform language Rust to targetLinux.

macOS is not exempt, with attackers exploiting Find My iPhone to infectAppledevices.

In particular, embracing an identity-centric defense-in-depth approach is key.

We’ve listed the best online cybersecurity courses.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc.

If you are interested in contributing find out more here:https://www.techradar.com/news/submit-your-story-to-techradar-pro