Skip to content

‘Dual’ ransomware suggests orgs rush the recovery

January 5, 2024 – Published on IT Brew

“Dual” ransomware, a term used in a September advisory from the FBI, is on the rise, according to the agency and other pros who handle ransomware response. The rise in back-to-back attacks is a sign to some that orgs are rushing to return to business following the first incident without properly shoring up defenses.

When one attack occurs, another set of criminals may see an opportunistic opening to go after a weakened target and the exhausted employees.

“They’ve worked hundreds of hours, and they’ve had to rebuild infrastructure that all originally took them years and years to get built and configured…People get done with that. And the last thing they want to do is continue that type of cadence,” said Drew Schmitt, practice lead on the research and intelligence team at the cybersec-services provider GuidePoint Security.

The FBI recommended mitigations in their September advisory, including data backups, complex passwords, and network segmentation.

Schmitt, a follower of ransomware trends, has noticed the growing duality of ransomware and aims to examine its roots more closely in 2024.

“What we’re going to really be focusing on is not only the trends associated with seeing this type of activity, but also trying to put some clarification into…whether or not these are coordinated,” Schmitt told IT Brew.

Read More HERE.