Sophos gives a new report on premeditating Ransomware Attacks

39

Hackers have started launching a new method of ransomware attacks where millions of dollars are being reaped by exploiting the availability of Windows System Administration Tools. Yes, a report from the Britain based cybersecurity company Sophos claims these findings to be absolutely true.

The Sophos study claims that cyber crooks have devised a new method to hand deliver ransomware attacks a carbon copy style to ‘spray and pray’ attacks.

“In this style of attacks, the hackers distribute ransomware on an automated note via millions of emails”, said Joe Levy, CTO, Sophos.

Traditionally, ransomware spreaders target victims on an individual note, by overcoming roadblocks and wiping out back-ups so that the victim is left with no other choice than to pay the ransom.

But now, all thanks to the use of Artificial Intelligence technology, hackers are now having the choice of launching attacks on an automated note, where software does most of the thinking based on certain pre-set parameters. And hackers are left with the only choice to sit, relax and enjoy the dividends says Levy.

Sophos experts believe that the financial success of SamSam, BitPaymer, and Dharma will inspire more copycat attacks in 2019.
Researchers at Sophos also claim that cybercriminals are readily using available Windows Systems administration tools to employ Advanced Persistent Threat (APT) techniques to evade the security components of a system and complete their mission.

The cybersecurity firm says that hackers are achieving it by using PowerShell files and Windows Scripting Executables to deploy malware attacks on users.

What’s more interesting about the findings is the fact that one such attack leads the malware spread to many- similar to the chain reaction.

Sophos 2018 cyber threat report also points out the fact that there is a continued threat to the mobile and Internet of Things ecosystem. The security firm says that in future the IoT networks when infected can affect organizations beyond their infrastructure.

Coming to Mobile Threats, an increase in illegal Android Apps is said to help cyber crooks in pushing the malware to phones, tablets and other connected devices in coming years. And if this happens, the infected devices will act as nodes or botnet farms to spread malware or can act as DDoS attacks launching platforms.

Sophos CTO, Joe levy expects that companies will be left with smarter and stronger adversaries in near future if they fail to find ways to break into the complex and esoteric approaches devised by hackers in near future.