
Ransomware Syndicates: Cartels or Twisted Tech Unicorns?.pdf

Uploaded by: 可*** ID: 991911 2025-12-07 34 pages 11.75MB

Get Proactive | Gain Control

Ransomware Syndicates: Cartels or Twisted Tech Unicorns?

Ferhat Dikbiyik, Chief Research & Intelligence Officer

January 2025

Black Kite Confidential

“If you know the enemy and know yourself, you need not fear the results of a hundred battles.”
Sun Tzu, Art of War

Cartels* vs Ransomware Groups

Both ask for ransom for the assets that they hold hostage. But do they share the same mindset?

(*) Cartels are organized crime groups that use violence, intimidation, and secrecy to control illegal operations and maximize profits, often disregarding the harm they cause to communities.

| Aspect | Cartels | Ransomware Groups |
| --- | --- | --- |
| Primary Motivation | Territorial control, power, and financial gain. | Financial gain through ransom payments |
| Justification | Often seen as survival in socio-economic contexts. | Framed as providing security services (post-paid pentest). |
| Awareness of Harm | Fully aware they harm individuals and communities. | Claim to avoid harm, sometimes apologizing for unintended victims. |
| Structure | Hierarchical, with strong central leadership. | Decentralized, with affiliates and service providers (Ransomware-as-a-Service). |
| Recruitment | Coercion or exploitation of socio-economic vulnerabilities. | Skilled professionals voluntarily join for lucrative pay. |
| Technology Use | Minimal, mainly for communication and logistics. | Extensive use of advanced tools, including encryption, data analytics, and marketing intelligence. |
| Public Perception | Feared and reviled, seen as criminal organizations. | Attempt to frame themselves as “ethical service providers” in some cases. |
| Methods of Operation | Violence, physical intimidation, and trafficking. | Digital infiltration, extortion, and data encryption. |
| Geographic Reach | Limited by physical borders and supply chains. | Global reach, limited only by internet access. |

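According to the report, its main content can be summarized as follows:

1. **Ransomware groups compared with cartels**: Ransomware groups and cartels differ significantly in motivation, structure, and use of technology. Cartels focus more on territorial control and illegal operations, whereas ransomware groups are more like technology-driven criminal enterprises whose goal is financial gain.
2. **Ransomware groups resemble "unicorn" companies**: These groups have sophisticated business models, including RaaS (Ransomware-as-a-Service) and diversified revenue sources such as subscription models, product sales, and investments.
3. **Attack trends**: The targets of ransomware attacks are gradually shifting toward the healthcare industry, and attack methods are increasingly sophisticated, such as exploiting vulnerabilities, phishing, and social engineering.
4. **Target selection**: Attackers tend to target victims that have paid a ransom in the past, as well as organizations that are more likely to pay.
5. **Risk management factors**: Technical factors include vulnerabilities, leaked credentials, stealer logs, and open ports; non-technical factors include geographic location, industry, and annual revenue.
6. **Preventive measures**: A proactive defense strategy is recommended, including patch management, endpoint security, email and network security, and data backup and recovery.
7. **Key data**: From January to September 2024, the number of ransomware victims in the healthcare industry grew by 5.5%, while other industries saw a decline.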