Ransomware Is Headed Down a Dire Path

At the end In September, an emergency room technician in the United States gave WIRED a real-time account of what it was inside their hospital Ransomware attack stirred up. With their digital systems locked by hackers, healthcare workers were forced to backup paper systems. They were already pushing to manage patients during the epidemic; The last thing they needed was more chaos. “It’s a life-or-death situation,” the technician said at the time.

This year the same scenario was repeated as waves of ransomware attacks across the country. crashed down At the peak in September and October, on hospitals and health care provider networks. School districts, meanwhile, were provoked by attacks that crippled their systems, as students attempted to return to the classroom, either in person or from afar. Corporations and local and state governments alike faced similar attacks at alarming rates.

Ransomware has been around for decades, and is a fairly straightforward attack: hackers distribute malware that largely encrypts data or blocks access to a target’s system, and then pays to release digital hostages Let’s demand. This is a well-known threat, but one is difficult to erase – something as simple as clicking a link or downloading a malicious attachment can help attackers set foot to what they need. And even without that type of human error, large corporations and other entities such as municipal governments still struggle to devote the necessary resources and expertise to laying down basic defenses. After witnessing these attacks in 2020, however, respondents to the event say the problem has escalated and the ransomware forecast for next year seems to be quite severe.

“I see no reason why ransomware slows down in 2021,” says Charles Carmackel, senior vice president and chief technical officer of cybercity firm Mandiant, which is owned by FireEye. “Everything that has been played this year I believe it is going on. Just keep on deteriorating until something really dramatic happens. I am apprehensive that the threat actors are more disruptive.”

Although some researchers say that the scale and severity of ransomware attacks crossed a bright line in 2020, others describe this year as the next step in gradual and, unfortunately, predictable deviations. After years spent honing their techniques, the attackers are growing the folder. They have begun to include other types of extortion, such as blackmail, in their arsenal, by intruding an organization’s data and threatening to leave the victim if the victim does not pay an additional fee. Most importantly, ransomware attackers have transitioned from a model in which they kill multiple individuals and collect multiple small ransom payments, where they carefully plan attacks against one Small set of big targets With which they can ask for ransom on a large scale. Antivirus firm Emsisoft found that the average requested fee increased from $ 5,000 in 2018 to about $ 200,000 this year.

For all this to happen, the ransomware gangs are professionalized. An entire underground economy has evolved to provide support services such as theft credibility or even consulting with network access specialists. As a result, says Amisoft threat analyst Brett Callow, it’s not so much the amount or pattern of attacks that have changed, it’s that those attacks have become even more effective and intrusive.

“Ransomware always has peaks and troughs,” Callow says. “I really think that things haven’t changed much over the course of the year. This is something that happens slowly over a period of time. But where credit is due to credit, ransomware groups have started to grow their business. Has done a tremendous job. “

Researchers and respondent to the event are completely focused on trying to change the course of the ransomware threat. On Monday, Institute of Security and Technology Launched Ransomware task force with partners like Microsoft Shadow Foundation, Citrix, and McAfee.