Who is Darkside and why do these types of attacks happen?
May 2021 by Sunil Ravi, Chief Security Architect, Versa Networks
Darkside is a group that creates ransomware, that has professionally organised to launch large scale cybersecurity attacks on big organisations for the purpose of making money by demanding ransom from the organisations that become victims of their attacks.
Darkside cyberattacks typically encrypt customer data or steal customer data and delete the data from customers’ computers/systems. Upon successful attack, Darkside demands ransom from their victims, in order to decrypt data or restore the deleted data.
Cyberattacks are prevalent because of gaps in the cybersecurity defense mechanisms employed by organisations, an increased level of sophistication in the tools/methodologies used by malicious actors, or a. combination of both of these. Due to the dynamic nature of the way organisations deploy technology, and due to the security policies and controls not keeping up with the pace of changes, organisations end up having attack surfaces exposed for cyberattacks.