Several cybersecurity advisories and agencies recommend not caving into ransomware gangs' demands and paying their ransoms.
It seems the tide is turning, with a decline in ransomware payments; this article explores the trend and what it might mean for ransomware tactics.
A couple of recent surveys and reports shed light on a decrease in ransomware payments.
One in particular from Coveware found that while 85% of ransomware victims paid the ransom in early 2019, that figure dropped to just 29% paying up by late 2023.
There's been a big push toward educating businesses and individuals about the risks of ransomware and the importance of cybersecurity hygiene.
Governments are opting for a harder stance against ransomware gangs by disrupting their operations in coordinated stings, sanctioning companies involved in ransom payments, and generally encouraging victims to report attacks rather than pay the ransom.
These actions together reduce the operational capabilities of ransomware gangs and make the ransomware business model less profitable.
On a related note, there's growing recognition that paying ransoms not only fuels the ransomware economy but also does not guarantee that data will be decrypted or that it won't be sold or leaked later.
It's a bit early to assume that ransomware gangs will disappear just because fewer companies pay up.
Here are some ways ransomware gangs' tactics might evolve in response to declining ransomware payment rates.
Given ransomware gangs' general lack of moral compass, an obvious potential evolution is for threat actors to more aggressively extort victims and increase the odds of getting paid.
Ransomware groups may spend more time researching and targeting specific industries or organizations they believe are more likely to pay.
Ransomware code is often straightforward for security researchers to reverse engineer and inspect what it does.
Modernizing ransomware code could involve several strategies aimed at improving the effectiveness, stealth and impact of attacks.
Another possible tactic is developing ransomware in more secure languages like Rust, making it harder to analyze how it behaves.
There could be an increase in attempts to recruit or exploit insiders to facilitate ransomware attacks and even increase the impetus to pay up.
While it's encouraging to see declining ransomware payments, this doesn't mean the threat is diminishing.
On the contrary, as ransomware gangs evolve their tactics and become more aggressive, the threat landscape becomes even more complex.
Modern ransomware can infiltrate individual endpoints and entire cloud infrastructures, which calls for a comprehensive and proactive approach to cybersecurity across endpoints, networks and cloud environments.
Nuspire's managed detection and response provides you with a team of dedicated cyber experts who monitor and respond 24/7 across your cloud, network and endpoints to stay one step ahead of ransomware attackers.
This Cyber News was published on securityboulevard.com. Publication date: Wed, 14 Feb 2024 01:43:03 +0000