Ransomware: A Deep Dive into 2021 Emerging Cyber-Risks
Ransomware has been a growing scourge for years, but recent attacks illustrate a growing sophistication by attackers within this slice of the cybercrime underbelly. Snowballing assaults against the business sector, schools and government organizations are now a primary cybersecurity concern. Making matters worse, is the ever-changing nature of ransomware attacks, complicating the cyber-defender’s job.
For instance, the last 12 months has seen emerging types of extortion attempts on the part of ransomware operators. Double-extortion efforts pioneered by cyberattack groups like Maze have become standard operating procedure (stealing sensitive data and threatening to release it if a victim doesn’t pay up). But beyond this, some ransomware operators, such as the SunCrypt gang, are mounting follow-on denial-of-service (DoS) attacks to put the screws to victims. And, other gangs are using the data they steal to mount additional attacks on the initial victim’s partners or suppliers, as seen in the Blackbaud attack.
There’s also a burgeoning move to attack cloud resources such as Kubernetes and Docker, which opens up a new threat surface and area of risk for IT security teams.
Keeping up with ransomware changes can be overwhelming. To that end, Threatpost hopes to lend context, in-depth insights and mitigation examples with a fresh eBook to arm infosec professionals with knowledge needed to defend against not only the state of play – but also the emerging trends and attack patterns (such as those above) that are set to bubble up and take security staff by surprise in the year ahead.