Data from CrowdStrike has shown a rise in what the firm refers to as “big-game hunting” over the past 18 months. These attacks focus on high-value data or assets within organizations that are especially sensitive to downtime—so the motivation to pay a ransom is consequently very high.
“Big-game hunters are essentially targeting people within an organization for the sole purpose of identifying critical assets for the purpose of deploying their ransomware,” said Jen Ayers, CrowdStrike’s Vice President in charge of the Falcon OverWatch threat-hunting service in an interview with Ars. “[Hitting] one financial transaction server, you can charge a lot more for that than you could for a thousand consumers with ransomware — you’re going to make a lot more money a lot faster.”
It’s amazing how many servers lack security patches, or sometimes even just password protection.