INFRA
INFRA
INFRA
Report finds ransomware is becoming just another tool in the hacker utility belt
Ransomware is evolving into just another tool in hackers’ utility belts as cybercriminals move away from opportunistic attacks and move on to more profitable types of attacks, according to a report from Recorded Future’s Allan Liska.
The “5 Ransomware Trends to Watch in 2018” report examines the changing ransomware landscape, noting trends such as ransomware as a service that are already well known but also highlighting some surprising findings, particularly in light of attacks such as WannaCry in 2017.
Liska first described the shift away from opportunistic attacks, reflected by a rapid drop in the number of exploit kits being used. “The big EKs of 2016/2017, Sundown, Neutrino, and RIG, have fallen off,” Liska notes, with “no new EKs have stepped in to fill the void. This has occurred, in part, because there are fewer zero-day browser exploits to use in these EKs, rendering them less effective.”
Of those EKs still in existence, their focus has changed, with Liska saying that RIG has switched to delivering cryptocurrency miners rather than ransomware. “In general, there has been a move away from ransomware to cryptocurrency miners, largely for the same reasons that lead to the rise of ransomware in the first place,” Liska writes. “At this point, cryptocurrency miners are more profitable than ransomware” but “they are also more difficult to defend against. Until the security community catches up, cryptocurrency miners will continue to be profitable for attack groups.”
Liska noted that ransomware attacks have continued to drop off, but some industries will continue to be targeted, particularly healthcare. “Hospital attacks have not abated recently, instead they continue to move along at a steady pace and continue to be effective,” Liska said.
Despite the drop in ransomware attacks, ransomware as a service is poised to remain popular because it allows attackers to rent ransomware infrastructure rather than develop it themselves. That’s both “attractive to less experienced attackers because it allows them to get into the ransomware game quickly and painlessly,” Liska noted, and it “also appeals to more experienced hackers as well because it guarantees them a revenue stream, selling the RaaS to inexperienced newcomers.”
Photo: christiaancolen/Flickr
A message from John Furrier, co-founder of SiliconANGLE:
Support our open free content by sharing and engaging with our content and community.
Join theCUBE Alumni Trust Network
Where Technology Leaders Connect, Share Intelligence & Create Opportunities
11.4k+
CUBE Alumni Network
C-level and Technical
Domain Experts
15M+
theCUBE
Viewers
Connect with 11,413+ industry leaders from our network of tech and business leaders forming a unique trusted network effect.
SiliconANGLE Media is a recognized leader in digital media innovation serving innovative audiences and brands, bringing together cutting-edge technology, influential content, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — such as those established in Silicon Valley and the New York Stock Exchange (NYSE) — SiliconANGLE Media operates at the intersection of media, technology, and AI. .
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a powerful ecosystem of industry-leading digital media brands, with a reach of 15+ million elite tech professionals. The company’s new, proprietary theCUBE AI Video cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
