Cybercriminals gain unauthorized access to computers or servers through weak RDP credentials and deploy ransomware.

How it Works:

• Organizations enable RDP for remote work but often use weak passwords or fail to implement two-factor authentication (2FA).
• Hackers brute-force attack or buy stolen credentials from the dark web.
• Once inside, they escalate privileges to access critical files.
• Ransomware is manually deployed, locking systems and demanding ransom.
• Manufacturing, retail, and healthcare industries are frequent victims.

Ransomware Attack on Oil India Limited (2022)

Details:

• Hackers exploited outdated security software on Oil India Limited’s IT systems.
• The ransomware encrypted confidential operational data, affecting oil exploration and drilling operations.
• Attackers demanded a ₹57 crore ransom in cryptocurrency.
• Oil India refused to pay, and cybersecurity experts worked to restore the system.