Ransomware Analysis Suggests A Bleak Future

The future of ransomware does not offer any good news, as analysis shows new tactics and advances made by its perpetrators.

According to analysis by Carbon Black’s Threat Analysis Unit of 1000 ransomware samples, researchers found that ransomware will increasingly target Linux systems and look to conduct SQL injections to infect servers and charge a higher ransom price.

The research also found that ransomware will become more targeted, looking for certain file types and targeting specific companies such as legal, healthcare and tax preparers, rather than the 'spray and pray' attacks we commonly see now.

Speaking to Infosecurity, Rick McElroy, security strategist at Carbon Black, said that often, ransomware operators have support networks that “have enabled anyone to do ransomware.”

He said: “In 2018 it will be more targeted and as we learn more information we can better join the dots up.”

In terms of other future trends, Carbon Black found that ransomware will take the extra step of exfiltrating data prior to encryption, emerge as a secondary method when initial forms of attack fail, and be used as a smokescreen to distract from other attacks.

“We have to do more to raise awareness to see the problem, not only on the way that this is to be done as a distraction, but how tools like DDoS have been used and the trend will grow,” McElroy said.

The other trends were that ransomware will be used more commonly as a false flag, as seen with NotPetya, and finally that ransomware will increasingly leverage social media to spread, enticing victims to click links.

Andrew Hay, CTO of Leo Cyber Security, told Infosecurity: “In my experience, ransomware is more opportunistic than targeted. Only after a foothold is established, and the attacker realizes a particular target is worthwhile, will it evolve into a more targeted activity.

“Spray and pray is still the preferred mechanism for ransomware.”

Infosecurity:
