As 2021 draws to an end, it’s safe to say it was an eventful year from a cybersecurity perspective. Ransomware became the go-to for cybercriminal gangs and insecure databases still plagued organisations. So, what’s on the horizon for 2022? More of the same or will hackers turn their attentions elsewhere? We asked some security experts for their thoughts:
Ransomware groups aren’t retiring, they’re re-branding, said Wade Lance, Field CTO at Illusive
“Don’t believe the hype. REvil and BlackMatter are not “shutting down” due to external pressure from the government and law enforcement agencies. We’ve seen these groups disappear and then pop back up a few months later, sometimes with a new name. Before BlackMatter it was DarkSide. It’s like Soundgarden breaking up, only to come back with some adjustments as Audioslave, then going solo as Chris Cornell. These transformations for ransomware groups will become the source of new attacks. This isn’t just re-branding, it’s re-architecting. There will be new methods of initial attack and penetration, and enhanced approaches to move laterally in the network. There will be new methods of operation to avoid arrest and infrastructure takedown. And there will be loosely affiliated networks of solo operators that pick and choose who they work with through a robust cybercrime underground, just like rotating new drummers through a band. In 2022 we expect to see more aggressive and complex ransomware efforts.”
And Lior Div, CEO at Cybereason believes to continue to combat ransomware, we need to focus on RansomOps:
“What we see today is not that simple. We now have ransomware cartels—like REvil, Conti, DarkSide, and others—and ransomware is not a piece of malware, but rather comprehensive ransomware operations, or RansomOps, where the execution of ..
Support the originator by clicking the read the rest link below.
