EclecticIQ

Learn how EclecticIQ can help you address your specific challenges – by team and by need – and improve your overall security posture.

Solutions overview

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

Pandemic Intel week 39: Big Game Hunting Ransomware TTPs Create Threat to Human Life

Fusion Center September 22, 2020

Key Findings
  • Big Game Hunting Ransomware TTPs Create a Threat to Human Life.
  • Vaccine Data Remains a High Value Target.
  • Businesses With Continued Support for Remote Work Face Greater Risk of Cyberattack.

Analysis

Demonstrated Shift In Ransomware TTPs Drives Further High-risk To Hospitals And Health Care.

A ransomware attack targeted the Dusseldorf University Hospital in Germany, forcing the hospital to reroute inbound patients and reduce operations. One person has died, possibly because of the attack’s effect on hospital operations. An investigation is ongoing. Ransomware operators demonstrate a clear and continued shift in strategy towards Big Game Hunting TTPs (Tactics, Techniques, and Procedures), where they actively target organizations in high-value or critical industries that are more likely to pay ransoms. This is perhaps the first instance of ransomware directly impacting human health.

The threat from ransomware remains high despite an overall decline in ransomware payload detections during the first six months of 2020. Ransomware has declined significantly in relation to all malware payloads detected via phishing. The remaining positive ransomware detections in the first half of 2020 represent a clear, continued shift in ransomware attack patterns to Big Game Hunting TTPs. Historically, phishing has been one of the most popular delivery vectors for ransomware.

Vaccine Data Experiences Continued High-Risk of Cyberattack Exposing its High-Value.

Chinese hackers have possibly stolen data from research centers in Spain that are working on a Covid-19 vaccine. The head of Spain’s National Intelligence Center (CNI), Paz Esteban, confirmed attacks against the health and pharmaceutical industry.

Spain ranks among the top 10 countries, with 671,000 Covid-19 cases. The country runs 10 vaccine projects, and clinical trials started in Spain on 14th September. Threat actors will probably intensify cyber-espionage campaigns as Covid-19 research advances to its final stages.

Businesses That Support Remote Work Environments Face Greater Risk of Cyberattack Than Those Resuming ‘Normal’ Operations.

Brute-forcing unsecured RDP endpoints remains a major infection vector for cybercriminals. Due to increased remote working, the number of RDP-enabled devices exposed to the internet has risen by 40% since the pandemic began. RDP attack volume peaked in approximately March-April 2020, but new data indicates that exposed remote systems remain at very high risk of attack.

Rates of clicking on phishing links and providing credentials have been observed to be three times higher than before the pandemic. This threat is especially high for remote workers, who may be working outside of normal security controls and defenses. Although current attack activity volumes are lower than earlier in the pandemic, remote workers remain at higher risk of exploitation than those in ‘normal’ work environments because the security practices that support remote environments are underdeveloped.

Many organizations are standing up to new challenges to support remote environments. If companies need to continue to support these environments for their workforce, they should adhere to strict security standards in order to reduce the risk of cyberattack.

As Europe’s leading cyber threat intelligence company, we at EclecticIQ have decided to make use of our resources and provide the community with custom reports on threats connected to the COVID-19 pandemic throughout the duration of the crisis. This is the 27th report in a weekly series of updates to inform of important developments to COVID-19-themed attacks.

© 2014 – 2021 EclecticIQ B.V.