A cyber security firm has reported that a number of recent cyber attacks in Asia are the result of hackers using the Dharma ransomware.

The attackers, who were described as “newbie hackers” by the report’s researchers, have been using simple tools and tactics to carry the attacks out on companies in Russia, Japan, India and China.

The tools used are publicly available and included the likes of NLBrute, Defender Control and Advanced Port Scanner amongst others. The Dharma ransomware itself was leaked online earlier this year which means it could be used by anyone who had obtained it without too much development.

Group-IB, the authors of the report, also noted that the group were requesting ransom payments of between $10,000 and $50,000 which, compared to other ransomware incidents, is relatively a small amount.

Ransomware is a growing cyber threat. The NCSC’s mitigating malware and ransomware guidance can help reduce:

  • the likelihood of becoming infected
  • the spread of the malware throughout an organisation
  • the impact of the infection

Report explores coronavirus impact on breaches

A report into the impact of coronavirus on businesses has revealed there has been an increase in cyber incidents as companies change their working practices.

Figures show that remote workers had caused a breach in 20% of organisations, whilst 18% of those surveyed said that cyber security was not a priority. The report, produced by Malwarebytes, was based on a survey of 200 IT and cyber security professionals.

It also covers the increased phishing threat which use coronavirus as a lure to trick people and the increase in home working.

The NCSC has published advice and guidance to help organisations of all sizes with their cyber security during the changes in work practices imposed by COVID-19.

The NCSC’s Board Toolkit provides resources to help encourage important conversations between decision makers and their technical experts to ensure cyber security is taken seriously.