Cyber Insights 2023 | Ransomware
February 2, 2023 – Published on Security Week
The key purpose behind cybercriminality is to gain money. Extortion has always been a successful and preferred method to achieve this. Ransomware is merely a means of extortion. Its success is illustrated by the continuous growth of ransomware attacks over many years.
The evolution of ransomware has not been static. Its nature has changed as the criminals have refined the approach to improve the extortion, and the volume (generally upward) has ebbed and flowed in reaction to market conditions. The important point, however, is that criminals are not married to encryption, they are married to extortion.
Drew Schmitt, lead analyst at GuidePoint Security, sees increased use of the methodologies that already work, combined with greater attempts to avoid law enforcement. “Ransomware groups will likely continue to evolve their operations leveraging critical vulnerabilities in commonly used applications, such as Microsoft Exchange, firewall appliances, and other widely used applications,” he suggested.
“The use of legitimate remote management tools such as Atera, Splashtop, and Syncro is likely to continue to be a viable source of flying under the radar while providing persistent access to threat actors,” he added.
But, he continued, “ransomware ‘rebranding’ is likely to increase exponentially to obfuscate ransomware operations and make it harder for security researchers and defenders to keep up with a blend of tactics.”
Warren expects to see criminal ransomware attacks focusing on smaller, less well-defended organizations. “State actors will still go after large institutions like the NHS, which implement robust defenses; but there are many small to mid-size companies that invest less in protection, have limited technical skills, and find cyberinsurance expensive – all of which makes them easy targets.”
This will partly be an effect of better defenses in larger organizations, and partly because of the influx of less sophisticated ransomware affiliates. “We can expect smaller scale attacks, for lower amounts of money, but which target a much broader base. The trend will probably hit education providers hard: education is already the sector most likely to be targeted,” he continued.
Read More HERE.