Ransomware Analysis Suggests A Bleak Future

The future of ransomware does not offer any good news, as analysis shows new tactics and advances made by its perpetrators.

According to analysis by Carbon Black’s Threat Analysis Unit of 1000 ransomware samples, researchers found that ransomware will increasingly target Linux systems and look to conduct SQL injections to infect servers and charge a higher ransom price.

The research also found that ransomware will become more targeted by looking for certain file types and targeting specific companies such as legal, healthcare and tax preparers rather than 'spray and pray' attacks we seen commonly now.

Speaking to Infosecurity, Rick McElroy, security strategist at Carbon Black, said that often, ransomware operators have support networks that “have enabled anyone to do ransomware.”

He said: “In 2018 it will be more targeted and as we learn more information we can better join the dots up.”

In terms of other future trends, Carbon Black found that ransomware will take the extra step of exfiltrating data prior to encryption, and emerge as a secondary method when initial forms of attack fail, and be used as a smokescreen to distract from other attacks.

“We have to do more to raise awareness to see the problem, not only on the way that this is to be done as a distraction, but how tools like DDoS have been used and the trend will grow,” McElroy said.

The other trends were that ransomware will be used more commonly as a false flag, as seen with NotPetya, and finally that ransomware will increasingly leverage social media to spread, enticing victims to click links.

Andrew Hay, CTO of Leo Cyber Security, told Infosecurity: “In my experience, ransomware is more opportunistic than targeted. Only after a foothold is established, and the attacker realizes a particular target is worthwhile, will it evolve into a more targeted activity.

“Spray and pray is still the preferred mechanism for ransomware.”

Infosecurity:

You Might Also Read:

Stolen Nude Photos & Hacked Defibrillators: Is This The Future Of Ransomware?:

A New Form Of Ransomware  Attacks UK Hospital:

« Could the US Use A Cyber Attack To Take Down N. Korea?
Facebook's Algorithm And Russian Ads »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Verisec International

Verisec International

Verisec International AB is a Swedish Tech company focused since inception in enabling Trust in Digital Transactions, through the development of proprietary cutting-edge technologies and services.

BehavioSec

BehavioSec

BehavioSec uses the way your customers type, swipe, and hold their devices, and enables them to authenticate themselves through their own behavior patterns.

Zettaset

Zettaset

Zettaset’s XCrypt Data Encryption Platform delivers proven protection for Object, Relational/SQL, NoSQL, and Hadoop data stores…in the cloud and on-premises.

SEON Technologies

SEON Technologies

At SEON we strive to help online businesses reduce the costs, time, and challenges faced due to fraud.

TeskaLabs

TeskaLabs

TeskaLabs is a software vendor of cybersecurity and data privacy products.

Innovation Cybersecurity Ecosystem at BLOCK71 (ICE71)

Innovation Cybersecurity Ecosystem at BLOCK71 (ICE71)

Innovation Cybersecurity Ecosystem at BLOCK71 (ICE71) is Singapore's first cybersecurity entrepreneur hub.

Binary Defense

Binary Defense

Binary Defense protect businesses of all sizes through advanced cybersecurity solutions including Managed Detection and Response, Security Information and Event Management and Counterintelligence.

Take Five

Take Five

Take Five is a national campaign offering straight-forward, impartial advice that helps prevent email, phone-based and online fraud – particularly where criminals impersonate trusted organisations.

Wolverhampton Cyber Research Institute (WCRI)

Wolverhampton Cyber Research Institute (WCRI)

Wolverhampton Cyber Research Institute builds on the strength of its members in the area of network and communication security, artificial intelligence, big data and cyber physical systems.

Tego Cyber

Tego Cyber

Tego Cyber delivers a state-of-the-art threat intelligence platform that helps enterprises deploy the proper resolution to an identified threat before the enterprise is compromised.

JaCIRT

JaCIRT

JaCIRT is the national Cyber Incident Response Team for Jamaica, established to deliver on the mandate outlined in the GoJ’s National Cyber Security Strategy.

Xalient

Xalient

Xalient is an IT consulting and managed services business, specialising in modern, software-defined networking, security and communications technologies.

Prime Technology Services

Prime Technology Services

Prime Tech are a group of Red Hat, Microsoft & Cisco Certified IT Professionals with an impressive track record of consistently delivering value to our corporate clients.

Eden Data

Eden Data

Eden Data is on a mission to break the outdated mold of traditional cybersecurity consulting. We handle all of your security, compliance & data privacy needs.

Digital.ai

Digital.ai

Digital.ai empowers organizations to scale software development teams, continuously deliver software with greater quality and security.

DataProof Communications

DataProof Communications

DataProof Communications is Cybersecurity Company specialising in cybersecurity operations, incident management and response best practices and technologies.