Ransomware Analysis Suggests A Bleak Future

Uploaded on 2017-10-19 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

The future of ransomware does not offer any good news, as analysis shows new tactics and advances made by its perpetrators.

According to analysis by Carbon Black’s Threat Analysis Unit of 1000 ransomware samples, researchers found that ransomware will increasingly target Linux systems and look to conduct SQL injections to infect servers and charge a higher ransom price.

The research also found that ransomware will become more targeted by looking for certain file types and targeting specific companies such as legal, healthcare and tax preparers rather than 'spray and pray' attacks we seen commonly now.

Speaking to Infosecurity, Rick McElroy, security strategist at Carbon Black, said that often, ransomware operators have support networks that “have enabled anyone to do ransomware.”

He said: “In 2018 it will be more targeted and as we learn more information we can better join the dots up.”

In terms of other future trends, Carbon Black found that ransomware will take the extra step of exfiltrating data prior to encryption, and emerge as a secondary method when initial forms of attack fail, and be used as a smokescreen to distract from other attacks.

“We have to do more to raise awareness to see the problem, not only on the way that this is to be done as a distraction, but how tools like DDoS have been used and the trend will grow,” McElroy said.

The other trends were that ransomware will be used more commonly as a false flag, as seen with NotPetya, and finally that ransomware will increasingly leverage social media to spread, enticing victims to click links.

Andrew Hay, CTO of Leo Cyber Security, told Infosecurity: “In my experience, ransomware is more opportunistic than targeted. Only after a foothold is established, and the attacker realizes a particular target is worthwhile, will it evolve into a more targeted activity.

“Spray and pray is still the preferred mechanism for ransomware.”

Infosecurity:

You Might Also Read:

Stolen Nude Photos & Hacked Defibrillators: Is This The Future Of Ransomware?:

A New Form Of Ransomware  Attacks UK Hospital:

« Could the US Use A Cyber Attack To Take Down N. Korea?
Facebook's Algorithm And Russian Ads »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

RoboForm

RoboForm

RoboForm's industry-leading encryption technology securely stores your passwords, with one Master Password serving as your encryption key.

Global Information Assurance Certification (GIAC)

Global Information Assurance Certification (GIAC)

GIAC provides certification in the knowledge and skills necessary for a practitioner in key areas of computer, information and software security.

Cyber8Lab

Cyber8Lab

Cyber8Lab provides cybersecurity training programmes simulating real world cybersecurity incidents such as web defacement, malware, phishing, digital forensics analysis and wireless intrusion.

Seceon

Seceon

Seceon OTM, is a cyber security advanced threat management platform that visualizes, detects, and eliminates threats in real time.

Penta Security

Penta Security

Founded on its data encryption technology, Penta Security is a leading provider of web and data security products, solutions and services.

IronNet Cybersecurity

IronNet Cybersecurity

IronNet’s product and services provide enterprise-wide security management and visibility of your network, users and assets.

Armis

Armis

Armis offers the markets leading asset intelligence platform designed to address the new threat landscape that connected devices create.

Luxembourg Office of Accreditation & Surveillance (OLAS)

Luxembourg Office of Accreditation & Surveillance (OLAS)

OLAS is the national accreditation body for Luxembourg. The directory of members provides details of organisations offering certification services for ISO 27001.

Ntirety

Ntirety

Ntirety Managed Security Services offer enterprise businesses the advanced tools, processes, and support to ensure your infrastructure, networks, and mission-critical applications are secure.

New Enterprise Associates (NEA)

New Enterprise Associates (NEA)

As one of the world’s largest and most active venture capital firms, NEA has developed deep domain expertise and insight into our industries of focus - technology and healthcare.

Option3

Option3

Option3 (formerly Option3Ventures - O3V) primarily seek control investments in the growing cybersecurity mid-market, seeking to build champions with the scale to bring cutting-edge products to market.

MagiQ Technologies

MagiQ Technologies

MagiQ produced the world’s first commercial quantum cryptography product that delivered advanced, future-proof network security.

Start Left® Security

Start Left® Security

Great security culture doesn't just happen; you ENGINEER it.

UK Cyber Cluster Collaboration (UKC3)

UK Cyber Cluster Collaboration (UKC3)

UKC3 has been launched to support Cyber Clusters and encourage greater collaboration across regions and nations of the UK.

BugProve

BugProve

BugProve offers a firmware analysis tool that speeds up security testing processes and supports compliance needs by automating repetitive tasks and detecting 0-day vulnerabilities.

Beazley Security

Beazley Security

Beazley Security is a global cyber security firm committed to helping clients develop true cyber resilience: the ability to withstand and recover from any cyberattack.