Sales: 833-761-0695
Support: 509-465-1234 x 2
Remote Support Login
See Service Pricing

The Evolution of Ransomware

Over the past 40 years, the threat of ransomware has grown exponentially from initial generalized threats to targeted and specialized takedowns. New technology and the organization of perpetrators have evolved, and ransomware demands have never been higher.

by

marketing@torchlight.io
in

Over the past 40 years, the threat of ransomware has grown exponentially from initial generalized threats to targeted and specialized takedowns. New technology and the organization of perpetrators have evolved, and ransomware demands have never been higher. In this post, we break down current trends and origins, so you can determine how to best protect your business.

Traditional Ransomware

• Many targets, limited differentiation, or control
• Victims rarely comply with demands

Post-Intrusion Software

• Maximized destruction
• Reduced to specialized targets
• More control over deployment with higher ransom demands and payments

Cryptocurrency

• Less trackable and easy to obfuscate transactions
• Allows large scale payments to hackers quickly

Ransomware as a Service (RaaS) Model

• Specialization between Initial Access Specialists or Brokers, Affiliates, and Operators allowing for greater scale in ransomware operations
• Same cybercriminal organizations that are building the malware, etc. aren’t usually the ones deploying it
• Allows for better organized attackers to hunt for big name targets
• Also allows individual attackers to randomly target, find, and exploit vulnerabilities across a diverse range of victims

Shift from Name and Shame to Data Theft and Sale

• Shift away from ransomware to simple data theft – doesn’t leave the operators potentially exposed to government scrutiny or search
• Exfiltrating data instead of just infiltrating and encrypting

What can you do to protect your company against the evolving threat of ransomware?

• Ensure your company is diligent with core security hygiene including up to the minute patching and replacing obsolete SSL protocols
• Create a well-documented and well-practiced incident response plan
• Ensure policies, controls, and security training is in place for staff
• Adopt the zero-trust methodology

How can you protect your company?

Contact us to design, build, and manage your company’s security risk strategy so you can continue operating and running your business without fear or worry.