Cruise line operator Carnival Corporation has disclosed that one of their brands suffered a ransomware attack over the past weekend.
Carnival operates AIDA, Carnival and Princess Cruises and other cruise lines.
According to Terence Jackson, Chief Information Security Officer at Thycotic, ransomware has evolved over the years from being something that required someone fairly skilled in writing code to a ransomware-as-a-service (RaaS) offering.
Jackson notes, "However, the skills that it takes to launch a ransomware attack have lessened. Exploit kits can be easily purchased off of the web now just like other commercial off-the-shelf software (COTS). Phishing is, and will likely continue to be, the preferred method for ransomware. It only takes one employee to open the door. This makes the attackers job much easier and again lowers to technical bar of entry to perpetrate an attack. As long as humans remain the weakest link in the defenses, ransomware attacks will continue to intensify.”
Shahrokh Shahidzadeh, CEO at Acceptto, notes that attacks appear to be more successful when leveraging a valid digital credential for planting ransomware and unfortunately, current binary approaches to authentication allow too many cybercriminals into networks, allowing them to effectively plant ransomware attacks.
Shahidzadeh adds, "The use of valid digital credentials which have been purchased on the dark web, or stolen out right in a breach, provides the best access for planting ransomware when a targeted organization doesn’t have a continuous, behavior-based authentication solution which would catch the inappropriate use of that credential. Ransomware attacks will continue to adapt and evolve, especially with the ease of access to stolen digital credentials and the current deployment of continuous authentication solutions. In short, if your organization doesn’t continuously authenticate every digital credential, the likelihood of a ransomware attack being successful goes up exponentially.”