Ransomware Analysis Suggests A Bleak Future

Uploaded on 2017-10-19 in NEWS-News Analysis, GOVERNMENT-Police, FREE TO VIEW

The future of ransomware does not offer any good news, as analysis shows new tactics and advances made by its perpetrators.

According to analysis by Carbon Black’s Threat Analysis Unit of 1000 ransomware samples, researchers found that ransomware will increasingly target Linux systems and look to conduct SQL injections to infect servers and charge a higher ransom price.

The research also found that ransomware will become more targeted by looking for certain file types and targeting specific companies such as legal, healthcare and tax preparers rather than 'spray and pray' attacks we seen commonly now.

Speaking to Infosecurity, Rick McElroy, security strategist at Carbon Black, said that often, ransomware operators have support networks that “have enabled anyone to do ransomware.”

He said: “In 2018 it will be more targeted and as we learn more information we can better join the dots up.”

In terms of other future trends, Carbon Black found that ransomware will take the extra step of exfiltrating data prior to encryption, and emerge as a secondary method when initial forms of attack fail, and be used as a smokescreen to distract from other attacks.

“We have to do more to raise awareness to see the problem, not only on the way that this is to be done as a distraction, but how tools like DDoS have been used and the trend will grow,” McElroy said.

The other trends were that ransomware will be used more commonly as a false flag, as seen with NotPetya, and finally that ransomware will increasingly leverage social media to spread, enticing victims to click links.

Andrew Hay, CTO of Leo Cyber Security, told Infosecurity: “In my experience, ransomware is more opportunistic than targeted. Only after a foothold is established, and the attacker realizes a particular target is worthwhile, will it evolve into a more targeted activity.

“Spray and pray is still the preferred mechanism for ransomware.”

Infosecurity:

You Might Also Read:

Stolen Nude Photos & Hacked Defibrillators: Is This The Future Of Ransomware?:

A New Form Of Ransomware  Attacks UK Hospital:

« Could the US Use A Cyber Attack To Take Down N. Korea?
Facebook's Algorithm And Russian Ads »

Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Cyber Security Service Supplier Directory

Cyber Security Service Supplier Directory

Free Access: Cyber Security Service Supplier Directory listing 5,000+ specialist service providers.

WEBINAR: How to build an effective Cloud Threat Intelligence program in the AWS Cloud

WEBINAR: How to build an effective Cloud Threat Intelligence program in the AWS Cloud

Thursday, Jan 28, 2021 - Join this webinar to learn how to improve your Cloud Threat Intelligence (CTI) program by gathering critical cloud-specific event data in the AWS Cloud.

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

BSI

BSI

The BSI is the central IT security service provider for the federal government in Germany.

Digital Infrastructure Association (DINL)

Digital Infrastructure Association (DINL)

DINL is the leading representative for companies and organisations which are active within the Dutch digital infrastructure sector.

Signal Sciences

Signal Sciences

Signal Sciences Web Protection Platform (WPP) provides comprehensive threat protection and security visibility for web applications, microservices, and APIs on any platform.

International Consortium of Minority Cybersecurity Professionals (ICMCP)

International Consortium of Minority Cybersecurity Professionals (ICMCP)

ICMCP was launched to help bridge the ‘great cyber divide’ that results from the underrepresentation of minorities and women in the field of cyber security.

Connax

Connax

Connax's mission is to give simple and secure device integration with various IoT platforms, their applications and services.

ConvergeOne

ConvergeOne

ConvergeOne is a leading global IT services provider of collaboration and technology solutions including cybersecurity.

OXO Cybersecurity Lab

OXO Cybersecurity Lab

OXO Cybersecurity Lab is the first dedicated cybersecurity incubator in the Central & Eastern Europe region.

iSecurity Consulting

iSecurity Consulting

iSecurity delivers a complete lifecycle of digital protection services across the globe for public and private sector clients.