“If you want to go quickly, go alone, but if you want to go far, go together.”
This African proverb opens the Sophos 2021 Threat Report, and in view of recent cybersecurity events, its meaning is very important when it comes to defending against ransomware attacks. As threat actors work together to provide ransomware-as-a-service, defenders also need to focus on working together, even when teams are separated in home offices.
As ransomware trends change in 2021, what should we look out for? An overview of the Sophos report provides some ideas.
The Psychology of Ransomware Attacks
Ransomware attacks are effective because they prey on one thing technology cannot protect: emotions. While the way threat actors are doing this has changed through 2020, the basics are still the same.
Threat actors in this space need to manipulate their victims. If you can’t be manipulated — via phishing, instant messages or some other vector — into accepting a payload onto your device or network, you are in a good position to stop ransomware. More sophisticated actors will use Remote Desktop Protocol or drive-by attacks to infect a system, but that’s for your cybersecurity team to handle.
Ransomware attacks also need to generate urgency or fear. Invoking emotions that drive people to react right away, whether real or perceived, is critical to a successful attack. You can still be a victim if you stay cool, but keeping your cool allows you to respond and recover better.