EXECUTIVE SUMMARY:

Ransomware is one of the most disruptive and financially damaging cyber threats that modern organizations face. As a cyber security community, we’ve made great strides in combating ransomware attackers, data encryption and extortion. However, as expected, cyber criminals have responded by evolving their tactics.

This article explores the latest ransomware trends to remain aware of and mitigate. From emerging social engineering techniques to vicious voice-cloning schemes, discover the nascent strategies that criminals are employing to extort victims.

Forewarned is forearmed, as the saying goes. Are you keeping a pulse on adversary behavior? By understanding the current modus operandi of ransomware groups, organizations can effectively elevate their cyber security posture and stay a step ahead of attackers.

Three current ransomware trends

1. Phishing is old, but this kind of sophistication (and by extension cyber criminal success) is brand new. Experts are seeing that cyber criminals who collect breached data can use AI to parse through the information. Criminals can then organize it in such a way as to conduct highly targeted spear phishing attacks.

Instead of a single cyber criminal tricking a single individual into handing over private details through a targeted spear phishing attack, as in days of old, a cyber criminal can now leverage AI to do it for them. What was once a manual process has been automated, multiplying the results exponentially.

2. Voice cloning technology has been around for some time, but improved AI technologies mean that a small clip from an online video enables cyber criminals to replicate a voice with chilling levels of accuracy. This has previously led to wire fraud incidents, other unauthorized financial transactions, and ransom situations. Deepfake voice attacks are becoming increasingly difficult to detect and a represent a growing danger for organizations.

3. Ransomware-minded cyber criminals are constantly seeking out new software-based vulnerabilities to exploit. Cyber criminals are actively scanning for and exploiting bugs in exposed services, web applications, cloud environments and remote access solutions. While this reality isn’t new, some organizations have been slow to implement systems and processes that can close these types of security gaps. Be sure that your organization isn’t one of them.

Countering ransomware threats

Forward thinking organizations are adopting AI-driven cyber security solutions. These advanced tools leverage machine learning and natural language processing capabilities to detect and mitigate sophisticated phishing attempts, contextualize potential threats, and to proactively identify and remediate vulnerabilities, among other things.

Industry leaders are also emphasizing the utility of a multi-layered security approach. This refers to combining AI-driven defenses with robust incident response plans, network segmentation, data encryption and comprehensive vulnerability management programs.

A more severe ransomware onslaught

In light of recent law enforcement actions targeting affiliate networks, some ransomware operators may reduce the number of affiliates that they work with and replace them with AI-based models that can perform certain kinds of tasks. In turn, ransomware operators may force-multiply activities and negative outcomes.

While the full impact of such a transition may take months or years to manifest, it highlights the need for organizations to remain vigilant and focused on elevating cyber security strategies. As a cyber security leader, concentrate efforts around threat intelligence gathering, continuous monitoring and proactive vulnerability management.

As noted previously, embrace cutting edge technologies to fortify prevention and defense mechanisms. Learn more about leveraging AI to make your organization more resilient. Click here or read our latest eBook on the subject.

Lastly, subscribe to the CyberTalk.org newsletter for timely insights, cutting-edge analyses and more, delivered straight to your inbox each week.