Meanwhile, ChatGPT and other AI tools create nested tiers of automation to gather information, form target groups, and identify and prioritize vulnerable behaviors by expected revenue to lure big-name victims (also known as “big fish”) in harpoon whaling attacks and romance scams. Virtual kidnappers, for example, currently use voice cloning, SIM jacking, ChatGPT, and social network analysis and propensities (SNAP) modeling to identify the most profitable targets and execute their ploy. The cybersecurity industry can also expect an increase in demand for identity-aware anti-fraud techniques along with an uptick in cybercriminals leveraging AI to carry out virtual crimes more efficiently.

One in every four companies is adopting AI to bridge labor and skills gaps, while two in every three companies are planning to apply AI to address sustainability goals. AI adoption continued at a stable pace last year, with 35% of companies using AI in their business. Meanwhile, organizations are increasingly embedding AI capabilities in their operations.

Cryptocurrency has also made payment schemes more efficient in favor of threat actors, underlining the demand to shift left - meaning implementing as many measures as possible for blocking threats from entering the network in the first place - when anticipating ransomware-related attacks that trigger extortion only after gaining access and exfiltrating data.

As early as 2021, 52% of companies accelerated their AI adoption plans because of the COVID-19 crisis.

Ransomware players who remain in it for money might also turn their data exfiltration efforts toward cryptocurrency theft, business email compromise (BEC), and deploying short-and-distort schemes for stock market manipulation. Recent ransomware attacks are now comparable to APT groups in terms of skills, approach, and attack capabilities.
In our May report on the RomCom backdoor, we discussed how the historical use of the backdoor in geopolitically motivated attacks on Ukraine since at least October 2022 suggests a shift in Void Rabisu’s targets. Meanwhile, financial gain might not be the only motivator for ransomware groups, as government entities could offer recruitment opportunities to operators in lieu of prosecution.

These connections are consistent with our ransomware revolution insight about how collaborations could lead to lower costs and increased market presence while also maintaining the efficacy of criminal activities. Our investigations of Royal and Mimic suggested connections with the larger and more notorious Conti ransomware group, while our investigation of TargetCompany showed its links to other families such as the BlueSky and the GlobeImposter ransomware. Meanwhile, the Royal ransomware has been expanding its targets with an update aiming at Linux platforms.

Earlier this year, new player Mimic abused the legitimate search tool Everything to query file extensions and names to determine which files to encrypt and avoid.

Your Trend Micro Antivirus should now show the Protected status.

Ransomware groups continue to update their tools and techniques for expanded targets and efficient data extraction.