Ransomware gangs are changing their tactics.

Researchers detail how some ransomware groups are shifting towards smaller targets, but ones where they can still guarantee a significant payday.

The cost and risk of executing ransomware attacks is going up, making it harder for cyber criminals to carry them out, which could lead to a decline in the number of overall ransomware attacks. But that could mean some ransomware victims end up paying a heavier price.

Improve your security techniques. Strengthen end-user training

Ransomware is still running rampant, with several major incidents in the past week alone, but according to analysis by cybersecurity company Coveware, there are signs that recent changes could reduce the total number of ransomware attacks. 

But while the number of attacks could fall, there’s the possibility that the ransom demands made by successful ransomware groups could rise. 

A number of developments are likely to have improved cybersecurity of enterprises, making them more robust against attacks.

These developments include the Biden administration’s executive orders across US government agencies, the Colonial Pipeline bringing ransomware to the forefront of CEO’s minds and moves by cyber-insurance providers to require improved cybersecurity protocols before a policy is taken out or renewed.

Make Yourself Accountable

But it’s the rise in arrests relating to involvement in ransomware attacks that is cited as the biggest change to the ransomware landscape, with the arrest of several suspected REvil ransomware affiliates in Russia described as the most notable. 

According to analysis by Coveware, this move has increased the risk profile of being involved with ransomware attacks, and thus decreases the pool of cyber criminals, because some will decide the potential for being arrested and extradited isn’t worth the risk – to the extent that some are quitting.  

“The cost and risk of executing ransomware attacks are up, and if this trend continues, we expect to see the aggregate volume of attacks begin to decrease,” said researchers. 

However, while a decrease in the number of attacks would be a positive overall, it could potentially come with an unwelcome side effect – the cost of ransom demands going up, particularly for less high-profile victims.

According to Coveware, the average ransom payment during the final three months of 2021 was $322,168, more than double the figure of the previous quarter.

This rise comes following what researchers describe as a “tactical shift” towards targeting companies that are large enough to pay significant ransom amounts but are small enough that the attackers don’t have to spend a lot of time and effort on preparing and launching the attack.

Researchers warn that this shift in tactics is likely to continue, citing an interview with a LockBit ransomware affiliate as detailing the mindset behind the change.

“You can hit the jackpot once but provoke such a geopolitical conflict that you will be quickly found. It is better to quietly receive stable small sums from mid-sized companies,” they said.

Cyber Security – It’s time to get tactical.  The sophistication, frequency, and consequences of cyberattacks continue to evolve and grow. Don’t wait, you must adapt and update your security techniques.  Strengthen end-user training, and embrace new technologies.  Asani Ali can help.  Call or email us now. service@asaniali.org, 305 767 3102