U.S. agencies warn of Phobos ransomware attacks on government entities and critical infrastructure since May 2019. The attacks exploit vulnerabilities and use advanced techniques for persistence and elevated privileges. Despite the high ransom costs, paying does not prevent new attacks, with 78% of victims being attacked again.
air gapping doesn’t really help when basically any interface is an attack vector.
evil maid attacks still work.