In this issue we continue to explore the hot-button topic of ransomware and how it is becoming increasingly sophisticated. Here are five significant trends to look out for:
- Double extortion. In this concerning trend, attackers steal and encrypt victims’ files and sensitive data like passwords and financial information. They then threaten to release the information publicly unless the victim pays a ransom.
- Ransomware-as-a-service (RaaS). Threat actors who offer RaaS enable less technically skilled criminals carry out ransomware attacks, leading to an increase in incidents.
- Attacks on critical infrastructure. Alarmingly, ransomware attackers are increasingly targeting hospitals, electricity grids, water utilities and other critical infrastructure entities they believe are more likely to pay ransoms to avoid disruptions. This strategy poses severe implications for public safety and the economy.
- Artificial intelligence (AI). Ransomware producers are now incorporating AI and machine learning techniques into their malware to target specific victims and evade antivirus software detection. We expect ransomware developers to continue using this advancing technology for more devious ends as they become more proficient in their tactics.
- Expanded scope. Unfortunately, we also anticipate that ransomware will evolve beyond extortion and infiltrating traditional operating systems and infrastructure to encompass automated targeting of vulnerabilities to gain access, reconnaissance mapping a victim’s environment, identifying assets of interest, and more precisely targeting infrastructure.
Fortunately, instituting and adhering to essential basic hygiene measures like multifactor authentication, firewall and endpoint protection, regular software updates, and file backups can go a long way in avoiding and mitigating ransomware attacks.