Cyber SecurityUNSPLASH
Data hijacking or ransomware is one of the most feared cyber threats, especially in the professional sphere, where the information is more sensitive and often essential for the functioning of the organization or business (if not crucial for its security). In the last six months, variants of this technique, in which cybercriminals encrypt data and demand a ransom to release it, have almost doubled. This is determined by the Global Threat Index, which is compiled by Fortinet, a cyber security company from the USA.
“Ransomware remains one of the top threats, and cybercriminals continue to invest significant resources in new attack techniques,” the report explains. In half a year, the company registered 10,666 variants compared to 5,400 in the previous semester.
Teleworking has contributed to the growth of this type of attack since the start of the Covid-19 pandemic. José Luis Laguna, Director of Engineering at Fortinet Iberia, explains: “We work a lot from home and in most cases the devices we use are connected to poorly protected networks. The cell phone, tablet or work computer you use at home is not connected to the work network, which could also be attacked, but at home these devices are more vulnerable and therefore cyber attackers focus their efforts there.”
More information
According to the company, the rise of ransomware variants is also contributing to the ransomware-as-a-service (RAAS) model, which is becoming increasingly popular on the dark internet or dark web. As if it were Netflix, developers are offering subscription models that allow criminals with little (or no) experience to launch a targeted cyberattack and become consumers. “Just like your favorite subscription service offers you TV shows, orders food at home, or visits a place, the Raas give criminals access to ransomware and other malicious programs for a monthly payment or a commission,” he says. Despite the efforts and actions taken at the international level to deal with these crimes, they continue to pose a significant threat to organizations, regardless of their size.
“Rather than attacking like crazy, cybercriminals are becoming more sophisticated and their efforts more targeted. Instead of sending ransomware to anyone and trusting them to pay, they now choose who to attack,” Laguna points out.
The number of data carrier deletions has also multiplied in the first half of the year, which, according to company representatives, is not aimed at extortion but “should cause as much damage as possible”. Fortinet identified seven major disk wipe threats in the first half of the year. Although it may be a tiny number a priori, it is the same number of deletion variants identified from 2012 to last year. In this case, what triggered such growth was the invasion of Ukraine. Although it’s difficult for investigators to ascertain with full confidence, the perpetrators are often Russian sympathizers with military aims and a clear intent to sabotage.
The victims of these deletions are usually government or military agencies and Ukrainian organizations. What is striking about these attacks, of course, is that since the invasion began last February, more threats have been identified outside of Ukraine than there, although they are also war-related.
With cyber threats just evolving and trying to evade systems’ defense mechanisms, the analysis confirms the importance of artificial intelligence to counter threats more efficiently: “Organizations need security operations that can run at machine speed with the scale, complexity and… keeping up with the pace of today’s cyber threats,” summarizes the text, which also emphasizes the importance of cybersecurity awareness and training to ensure both employees and security teams are aware of the dangers. “Cyber criminals never miss an opportunity. Whether it Whether it’s a vulnerability or a war, there will always be someone trying to do harm for an advantage,” the report concludes.
You can follow EL PAÍS TECHNOLOGY on Facebook and Twitter or sign up here to receive our weekly newsletter.