Ransomware Special Reports

Future threats and how to face them By Ann-Marie Corvin W e asked six security experts how the threat landscape is likely to evolve.

the victim’s passwords and systems. With that they can do anything they want to do (steal data and passwords, install crypto mining trojans, create botnets, do DDoS attacks, send out phishing attacks to name but a few examples). The ransomware gangs of the future therefore will look to every compromised victim as a potential bag of money and ask themselves how they can maximise their potential revenue. Eventually it will be’ good guy bot versus bad guy bot’ and the best bots with the best AI-algorithms will win.” Roger Grimes, data driven defence evangelist at KnowBe4 (knowbe4. com) “As defenders got better at do - ing backups and “simply” restoring lost files, ransomware writers also adapted. Now they exfiltrate files and threaten to release them unless the ransom is paid. They also message the victim’s customers and threaten them unless they pay. I’ve personally been on the receiving end of that after a data breach of one provider, receiving emails that have my name and home address and threatening to perform a home invasion and kill my family unless I pay them.” Michael Smith, field CTO, Neustar Security Services

“Given the history of ransomware and how the threat has developed in recent years, it’s likely that we will see smaller franchise-style ransomware operations which will either switch to pure exfiltration and abandon encryption of devices entirely or use ransomware software purchased from developers on criminal forums. Exfiltrating data from specific ma- chines is easier than spreading ran - somware across a whole network. It’s less noisy and there is no complicated or unsuccessful process of trying to restore encrypted files upon a suc- cessful negotiation, a frequent issue.” Cian Heasley, security consultant, Adarma “As fuel bills continue to be a growing concern for businesses and con - sumers at present, threat actors will weaponise operational technology environments more successfully than ever before, striking when energy providers are otherwise preoccupied. Given the global energy industry is already facing a turbulent time, we are most likely to see a major energy supplier taken offline, with threat ac- tors tapping into these vulnerabilities and holding the service to ransom for their own gains.” Todd Moore, VP for encryption products, Thales

“Ransomware incidents in Europe are likely to stabilise but will continue to grow dramatically in other EMEA re- gions. As these move towards a more digital economy, they are increasingly exposed to attacks. Cyber criminals are taking what they have learnt from Europe and are applying these les - sons to a new ground.” Quentyn Taylor, Canon EMEA infor- mation security and global incident response senior director “With attacks still generating so much money for criminals, the number and impact of ransomware attacks will increase but this could lead to in - creased cybersecurity regulation and prevention guidance. However, the reality is that the future of ransomware is very much here already. The number of hacks on IoT devices, reusable third-party soft- ware and OT will only continue to grow, given the success bad actors have seen in recent years.” Daniel Dos Santos, head of security research, Forescout “Ransomware gangs are becoming hack-everything-gangs. They will do whatever it takes to get money. The “gold” ransomware gangs have is not the ransomware. It’s the access to


Powered by