![]() “Just look at it from a business mindset. The financial incentives make it less helpful to analyze ransomware from a criminal mindset. It is really a modern tech-enabled version of extortion,” Barratt said. “Ransomware is highly lucrative because it provides a shortcut to results. “Both of those seem like vast, vast undertakings,” Andrew Barratt, VP of technology and enterprise accounts at the cybersecurity advisory Coalfire, said via email. Lowering the overall impact of ransomware requires every organization to significantly improve their defense and resilience while simultaneously reducing the capabilities of threat actors. The global network of developers and licensees are “organized and methodical, especially when it comes to training new bad actors who seek to profit from this lucrative dark business,” Guccione said. “There are more than 25 major ransomware cartels globally,” Darren Guccione, CEO and co-founder of Keeper Security, said via email. ![]() Half of its public victims last year were based in the U.S., according to Kimberly Goody, senior manager of cyber crime analysis at Google Cloud. Hive was the most prolific variant of ransomware, accounting for more than 15% of the ransomware intrusions Mandiant responded to in 2022. Ransomware is a big business, and the rewards are often greater than the risk. “Previous disruptions have brought a small amount of temporary reprieve, so they aren’t pointless and they do send the message that we are trying to come after you,” Chester Wisniewski, field CTO of applied research at Sophos, said via email.īut the takedown “is only putting a small dent in the problem,” Wisniewski said. It might temporarily slow, or at best halt activities in one circle of cybercrime but it’s not ultimately a deterrent in today’s environment. Threat actor takedowns can be a Band-Aid on an open wound. “Unfortunately, during these past seven months, we found that only about 20% of Hive’s victims reported potential issues to law enforcement,” FBI Director Christopher Wray said last month in a press conference announcing the disruption of Hive’s activities.Īn outstanding threat from ransomware remains at large. The ransomware threat is omnipresent and much of the activity remains under wraps because the vast majority of target victims don’t report attacks. Law enforcement efforts against ransomware can only do so much. The takedown did not result in criminal arrests of any individuals involved or affiliated with Hive, and the predominant assumption is that the Hive members will regroup or splinter to join other ransomware groups, an effort that could already be well under way.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |