When it comes to the cyber threats, botnets and ransomware are currently dominating according to a Microsoft security study. The researchers collected the report by analysing data from Bing, Windows, Azure and Office 365. It seems to be essential for enterprises to be aware of such threats and come up with safety mechanisms to protect their date from attackers.
How Hackers Are Evading Detection Lately
Security experts are having a hard time detecting and fighting Locky ransomware that goes hand in hand with the Necurs botnet that has been spreading through spam campaigns. The hackers responsible for botnets and ransomware have developed a new technique that uses DDE (Dynamic Data Exchange) to execute attacks making it hard to detect them.
DDM is a protocol crafted to allow the transfer of data between applications. It is a set of guidelines and messages that uses shared memory for data exchange. Through DDE, attackers have come up with a way that enables them to create malicious office-document-embedded codes without the interaction of the user. Using them, attackers link office applications and extract essential data from them.
How the Botnets and Ransomware Spread
Attackers are using botnet-powered massive campaigns to distribute ransomware to millions of users. Researchers believe that the substantial spam emails volume sent to users in hours are the primary channel through which the attackers spread ransomware. They also spread through drive-by downloads, messaging apps, and social networks.
It is more prudent to protect your business computers from infection than trying to detect it. Preventing attacks is procured by avoiding clicking suspicious links when browsing. Also, urge your employees against downloading attachments that are not needed. Proceed to get an antispyware and antivirus and turn on your firewall.
Despite the attackers using upgraded invasion techniques, it is easy to stay on the safer side. Update all your enterprise’s software and dismiss suspicious emails. Doing so will protect the entire corporation’s sensitive data.