top of page

Fighting Evolving Ransomware

Ransomware attacks are growing in frequency and intensity, and are causing chaos for organizations of all sizes and sectors. In the aftermath of the global COVID-19 pandemic, this became particularly clear, as the almost overnight mass exodus to remote working opened up new avenues for bad actors, seeing this scourge skyrocket.

Concurrently, the cyber threat landscape is a rapidly evolving one, and adversaries grow more cunning and determined each year. For example, we have seen an increase in double extortion ransomware attacks, which has increased the stakes dramatically.

Instead of simply encrypting data and systems and asking and demanding a ransom for the decryption key, ransomware criminals are exfiltrating their victims’ data to a remote location before encrypting it and threatening to publish or leak the information if the ransom isn’t paid. As you can imagine, the combination of encryption and data exposure is highly alarming for businesses, and is proving extremely successful for attackers.

And not only are ransomware gangs sharpening their skills, they are demanding increasingly large sums of money. Perhaps due to the success of their attacks, they are asking for (literally) outrageous amounts of money, with studies revealing that the average ransom request rose by 500% from 2020 to 2021.

Another trend we’ve noticed is the emergence of ransomware-as-a-service, or RaaS, which is gaining a lot of traction. In essence, RaaS is a malicious, subscription-based business model where the gangs and authors behind ransomware attacks lease out their tools of malfeasance to affiliates via the dark web, even offering customer service and support. Operators behind RaaS often receive a percentage of the profits earned during RaaS campaigns.

Cyber crooks who buy RaaS can launch large-scale ransomware attacks with no technical expertise. In fact, even those with the most rudimentary technical knowledge can deploy a successful ransomware attack using RaaS, indicating that the threat isn’t going anywhere.

So, what can be done about ransomware? As with any threat, the best form of defense is being prepared, which can be achieved through proper training. With this in mind, Alexander Antukh, founder of Cyber Hermes, has partnered with cyber security training expert itrainsec to bring ransomware training to the market.

According to him, Cyber Hermes is always looking for new ways to improve its services and provide maximum value to its customers, and the partnership grew from the idea that joining forces would be beneficial for both entities’ current and future customers. “We strongly believe that prevention is better than cure, which is in line with itrainsec's security awareness initiatives,” he adds.

The partnership will broaden Cyber Hermes’ portfolio and enable the organizations to provide ransomware-related and other specialized security trainings to their clients. "Furthermore, we are evaluating a variety of cooperative participation opportunities in security conferences and other events,” Alexander adds.

As for the course itself, the companies understand that being in a scenario where your organization has been targeted by ransomware, and bad actors are threatening to destroy the business and expose your most sensitive data can be extremely distressing.

“This is precisely when the majority of post-breach errors occur. Our main goal is to educate key decision makers on what to do in the event of a worst-case cyber incident,” he says.

Those who attend the training will benefit in several ways. They will gain a thorough understanding of ransomware, as well as the current threat landscape, and will learn about frequent breach patterns across their industries. In addition, they will understand the main factors to consider when selecting the best crisis management strategy, as well as the psychological tricks used by hackers. Finally, they will learn and master a proven negotiating protocol that will improve their odds of success, as well as gain expert knowledge of post-restoration procedures.

For more information, and to book, click here.


Finding yourself in a situation where your company has been hit by ransomware, your systems and data are paralysed and hackers are threatening to destroy or expose your data can be highly stressful. Unfortunately, attackers are aware of this and take advantage of the situation, which is why this is the time in which most post-breach mistakes happen. This training will cover the current threat landscape and the characteristics of the different ransomware families and breach patterns that are employed. Additionally, by gaining insights into the attackers` mindset you will be better prepared to assess the situation, implement the best crisis management strategy, and execute a negotiation protocol to minimise the damage as much as possible.


bottom of page