Skip to content
Home Info & Advice

A ‘Triple Ransomware’ threat is here

Advantage Aware

A new type of ‘Remote Access Trojan’ (RAT) has been released and is being used to spread ‘Distributed Denial of Service’ (DDoS) and ransomware attacks. Dubbed the ‘Borat RAT’, it comprises of ransomware, spyware, and RAT.

With hidden VNC abilities, vast surveillance features, microphone and video capture capabilities and file exfiltration toolkits, the Borat RAT is extremely sophisticated, empowering an attacker with abilities to cause a system-wide disruption. Threat intelligence company, Cyble, investigated this threat. In their deep dive, they found alarming ‘features’ of the Borat RAT.

Annoyance capabilities are also included, such as changing keyboard keys, switching monitors, and changing ‘mouse click’ settings. Chrome browsers appear to be the most impacted and is readily available on the dark net.

The FBI recently released the 2021 Internet Crime Report which indicated cybercrime losses of almost 7 billion USD in 2021. The report states that the evolution of tactics and techniques demonstrates threat actors’ increasing technological sophistication.

What can we do?

  • Be wary of links within emails
  • Use strong passwords with MFA
  • Conduct regular backups
  • Use a well reputed anti-virus

More advanced defence strategies include:

  • Endpoint security
  • The ability to micro-segment if an endpoint has been compromised
  • Employing operational intelligence within your IDS/IPS
  • Real-time logging analysis with machine learning
  • A SOC team that can initiate action-based response

Defence-in-depth, firewall and antivirus may provide some protection against attacks, but an adaptive defence approach is the best strategy. Risk mitigation resources are expensive, time consuming, and present unrealistic technical requirements to many businesses. A Managed Security Service Provider (MSSP) can offer solutions that meet defence requirement requiring a reasonable budget.

An MSSP will be expected to provide all the defence strategies listed above, along with advice and help with implementation. Options could include cloud backup, 24/7 SOC availability with real-time monitoring, end-point security, zero trust architecture, tailored support solutions, access to global and local threat intelligence feeds, micro-segmentation tools and provide skilled dedicated security advisors.

Are you ready to take charge?  

Dr Antony
PhD, MISDF (1st Class), MBA
Senior Cyber Security Engineer
Advantage https://advantage.nz

Facebook
Twitter
LinkedIn
  • Read more

Related Posts

Incident Response Essentials: Preparing for the Inevitable.

No defence is perfect. From phishing and ransomware to insider misuse and cloud misconfigurations, security incidents are an unavoidable reality of doing business. What sets resilient organisations apart is how quickly and effectively they respond.

SOC Essentials: The Human Side of Cyber Defence.

In our increasingly digital and interconnected world, it is easy to view cybersecurity as a battle fought by machines—artificial intelligence, cutting-edge software, and automated tools working tirelessly to defend our organisations. Yet, amid this technological arsenal, one element stands out as irreplaceable: human expertise.

Login Security for Businesses: Advanced Strategies to Prevent Cyberattacks.

Sometimes the first step in a cyberattack isn’t code. It’s a click. A single login involving one username and password can give an intruder a front-row seat to everything your business does online. This guide looks at how to make life much harder for would-be intruders. The aim isn’t to drown you in tech jargon. Instead, it’s to give IT-focused small businesses a playbook that moves past the basics and into practical, advanced measures you can start using now.