• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • About
    • Secure360
    • UMSA
    • Get Involved
  • Events
    • Secure360 2021
    • Student360
    • Past Events
      • 2020 Secure360 Twin Cities
      • 2020 Student360
      • 2019 Secure360 Twin Cities
      • 2019 Student360
      • 2018 Secure360 Twin Cities
      • 2018 Secure360 Wisconsin
      • 2018 Student360
      • 2017 Secure360 Twin Cities
      • 2017 Student360
      • 2016 TC Secure360 Conference
      • 2015 Secure360 Conference
      • 2014 Secure360 Conference
      • 2013 Secure360 Conference
        • 2013 Secure360 Conference Speaker Presentations
      • 2012 Secure360 Conference
  • For Sponsors
    • Secure360 Twin Cities
    • Student360 Sponsors
  • For Speakers
    • Secure360 Speaker Details
    • Student360 Speaker Details
  • Blog
  • Nav Social Menu

    • Facebook
    • LinkedIn
    • Twitter
    • Vimeo

Secure360

Ransomware: A change in direction

December 4, 2015 by Secure360 and UMSA

changing threat of ransomware

Copyright: 123rf/nevarpp

Ransomware is malicious software that encrypts files until the user pays to get the encryption key to unlock them. This form of cyber attack has had a successful run in the past, with criminals targeting businesses and government organizations, demanding higher ransoms for more valuable data. Ransomware has been so successful that some FBI agents have commented the bureau often recommends that people just pay the ransom. Unlike other malware infections, a cleaning or removal tool cannot be run to get rid of ransomware, so defenses have to catch it before it can act.

Computers and servers are slowly being upgraded and better protected, and companies are making sure that their employees are educated on the threats of ransomware. As a result, changes are being made to the ransomware model, where encryption of data is just one step. Attackers are using targeted methods such as emails that look like they originate from within your company, in order to get their malicious encryption tools into vulnerable systems. After encrypting data or files, attackers threaten to publish something that you will pay to keep secret, whether it is valuable financial information or embarrassing emails.

The changing target of ransomware

As we adopt more security technology, we also are fueling the creativity of cyber attackers. Criminals will change and multiply their attacks, going after less secure systems such as smart TVs, conferencing equipment, or other unsecured devices.

Typically malware threats go through several phases, starting off with attacks in small volumes, as criminals evaluate their target systems’ defenses until they identify the best method of attack that will achieve success rates. After this evaluation process is done, criminals increase the volume of their attacks, going after consumers and businesses, as the technique improves and is monetized through massive campaigns. The next phase is a shift from volume to highly targeted attacks. As security defenses begin to adapt to the generic approach, criminals identify higher value targets. Ransomware is currently moving from the volume to targeted phase, increasing in sophistication of the delivery mechanism and looking for more valuable ways to get money from victims.

Preventing targeted ransomware attacks

As ransomware threats shift from volume to targeted mode, a shared intelligence strategy that can detect threats at multiple points, across both networks and the cloud, will be needed. Users should be aware of potential motivations, whether that is organized crime looking for payment or exposing corporate secrets. Understanding the attacker profiles helps will help users identify what material is valuable and vulnerable and prioritize security efforts.

Ransomware is just one cyber threat that is evolving as our security defenses do. Security needs are changing to require greater integration between defenses; broader collaboration with law enforcement, supply chain partners and organizations throughout the industry; and increased automation that can react at digital speeds.

Filed Under: Cybersecurity, Risk and Compliance

About Secure360 and UMSA

The Secure360 and UMSA team is made up of professionals in the security and risk management industries. Topics of expertise range from physical security, IT, risk management, cybersecurity, cloud, information security and records management.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Categories

  • Uncategorized
  • Guest Posts
  • Business Continuity Management
  • News and Events
  • Physical Security
  • Cybersecurity
  • Professional Development
  • Risk and Compliance

latest tweets

  1. UMSA Foundation
    UMSA Foundation: Have you registered for @Secure360 yet? Don’t miss this fully virtual event featuring a high-quality interactive ev… https://t.co/LJRkOYBsqm
    about 22 hours ago

  2. Secure360 Conference
    Secure360 Conference: Interesting & relevant read on #vaccinepassports! Thanks for sharing @CheckPointSW https://t.co/eNHWZjjqvm
    about 1 day ago

  3. Secure360 Conference
    Secure360 Conference: Exciting news for a #Monday! We've officially welcomed @pingidentity as a 2021 #Platinum #sponsor for #Sec360 🤩 Lea… https://t.co/ddZ4MvCkk1
    about 3 days ago

Footer

Contact

For more information about UMSA events, contact: Marie Strawser

Email List Signup

Join our email list for monthly Secure360 news and updates!




Join our tradeshow email list for updates on sponsorship opportunities and upcoming exhibitor deadlines.

Sponsored by:
© 2021 Secure360. All rights reserved.