Published on 09:02 PM, February 06, 2022

Ransomware to become more modular & uniform in the coming days: Sophos Threat Report 2022

In-depth report identifies trends in ransomware services, commodity malware, attack tools, crypto-miners, and more that are impacting IT security

The ransomware landscape will become both more modular and more uniform in the coming days, and it will continue to adapt in how ransomware is distributed and delivered. Sophos, the global cybersecurity solutions provider, recently made these findings public in its 'Sophos 2022 Threat Report'. The report also provides a unique multi-dimensional perspective on security threats and trends facing organisations in 2022.

The report, written by SophosLabs security researchers, Sophos Managed Threat Response threat hunters and rapid responders, and the Sophos AI team, reveals key cyber threat trends from the past year, citing multiple examples analysed by Sophos researchers.

According to Sophos researchers, attacks by single ransomware groups gave way to more ransomware-as-a-service (RaaS) offerings during 2021, with specialist ransomware developers focused on hiring out malicious code and infrastructure to third-party affiliates. 

The report also states that the use of multiple forms of extortion by ransomware attackers to pressure victims into paying the ransom is expected to continue and increase in range and intensity. Cryptocurrency will continue to fuel cybercrimes such as ransomware and malicious crypto mining, and Sophos expects the trend will continue until global cryptocurrencies are better regulated. 

The report also predicts that the application of artificial intelligence to cybersecurity will continue and accelerate, as powerful machine learning models prove their worth in threat detection and alert prioritisation. At the same time, however, adversaries are expected to make increasing use of AI, progressing over the next few years from AI-enabled disinformation campaigns and spoof social media profiles to watering-hole attack web content, phishing emails and more as advanced deep-fake video and voice synthesis technologies become available.

"It is no longer enough for organisations to assume they're safe by simply monitoring security tools and ensuring they are detecting malicious code. Certain combinations of detections or even warnings are the modern equivalent of a burglar breaking a flower vase while climbing in through the back window. Defenders must investigate alerts, even ones which in the past may have been insignificant, as these common intrusions have blossomed into the foothold necessary to take control of entire networks," said Chester Wisniewski, Principal Research Scientist at Sophos.