Sophos, the world leader in innovation and delivery in cybersecurity as a service, and the company I work for, published an important report on cyber threat trends in early November 2022. It shows how ransomware creates a massive interconnected distribution system with significant implications for IT security for businesses and individuals.
This ransomware delivery system is compared to the gravity of an ever-growing black hole that is constantly feeding and growing.
The work, titled Sophos Threat Report 2023, provides a unique, multidimensional perspective on security threats and trends facing organizations. Below are the current main trends:
1. Throughout 2023, the ransomware landscape will become more modular and uniform, with “experts” in attacks who offer different elements “as a service” and provide guides that include tools and techniques that allow different groups of adversaries to carry out similar attacks.
According to Sophos researchers, attacks by individual ransomware groups have been replaced by more ransomware-as-a-service (RaaS) offerings, and developers specializing in this type of malware have focused on outsourcing malicious code and infrastructure to third-party affiliates.
Once they have the malware they need, RaaS affiliates and other ransomware operators turn to Initial Access Brokers and malware distribution platforms to find and target potential victims. This is linked to the second major trend presented below.
2. Established cyberthreats will continue to adapt to more efficiently distribute and deliver ransomware.
This includes loaders (basically remote access trojans [RATs] that communicate between the attacker and the compromised system), droppers (a type of trojan that downloads embedded malware onto the victim’s computer and aims to “release” another malicious executable) and other common malware, as well as human-operated Initial Access Brokers (an emerging breed of increasingly sophisticated cybercriminals who sell access to already compromised networks), spam and adware.
3. The use of various forms of extortion by ransomware attackers to force victims to pay the ransom is expected to continue and increase in scope and intensity.
Ten different types of pressure tactics were cataloged, from data theft and disclosure to threatening phone calls, distributed denial-of-service (DDoS) attacks, and many other methods.
4. Cryptocurrency will continue to feed cybercrime, such as ransomware and malicious crypto mining. Sophos expects this trend to continue until global cryptocurrencies are better regulated.
Sophos researchers have discovered crypto miners like Lemon Duck and the lesser-known MrbMiner, which take advantage of access afforded by newly reported vulnerabilities and of targets that have already been breached by ransomware operators to install miners on large numbers of computers and servers.
Other trends analyzed in the Sophos research include:
• After the ProxyLogon and ProxyShell security vulnerabilities were discovered and patched in 2021, attack rates were so high that Sophos expects continued attempts at mass infiltration of IT management tools and exploitable internet-facing services by both sophisticated attackers and casual cybercriminals.
• The company also expects cybercriminals to increase their abuse of adversary simulation tools such as Cobalt Strike, Mimikatz and PowerSploit. Defense teams should check all alerts about legitimate tools, or a combination of these tools, just as they would a malicious detection, since they may indicate the presence of an intruder on the network.
• Mobile threats and social engineering scams, including Flubot and Joker, continue and diversify to target individuals and organizations.
• The application of artificial intelligence in cybersecurity will continue and accelerate as powerful machine learning models prove their value in detecting threats and prioritizing alerts. However, at the same time, adversaries are also expected to increasingly use AI in the coming years, progressing from AI-powered disinformation campaigns and fake social media profiles to watering hole web content (a watering hole is an attack strategy in which an attacker guesses or observes which websites an organization is using and infects one or more of them with malware), phishing emails and more, as advanced deepfake video and speech synthesis technologies become more available.
Sophos Threat Report 2023: Trends in cyber threats
Source: Tec Mundo