Fahmida Y. Rashid writes:
Ransomware attacks are increasingly using the Remote Desktop Protocol as the initial entry vector, taking advantage of the fact that many enterprises struggle to balance the risks of exposing RDP and the advantages of being able to access machines in multiple locations.
The Institute for Critical Infrastructure and Technology highlighted the growing use of ransomware and other types of “disruptionware” in 2019 against critical infrastructure and industrial networks. Adversaries targeting operational technology (OT) environments with attacks that are designed to disrupt business operations pose “an existential threat to critical infrastructure operators,” ICIT wrote in its paper.
Read more on Decipher.
Related: New Ransomware Formats Double (Sept. 11, 2019)