RICHMOND (VA) -- Cybercriminals are becoming more adept at hacking and becoming better professionals. They even set up an arbitration system for payment disputes between themselves according to a report from the United States and Australia that paints a grim picture of ransomware trends.
Ransomware gangs that hack into targets and take their data hostage using encryption caused widespread havoc last yea with high-profile attacks against the largest U.S. meat-packing business and the largest U.S. fuel pipe and other targets. Western governments have promised to take action against cyber criminals operating mainly in Russia and the surrounding areas. However, little has been done. The specialists range from hackers who can hack into networks and develop ransomware to non-technical operators who make payments to victims. According to the report, the United Kingdom's National Cyber Security Centre stated that ransomware gangs have offered victims a 24-hour help line to speed up ransom payments and restore encrypted data. Arbitrators can also be used to settle disputes between ransomware criminals.
John Hultquist (Vice President of Intelligence Analysis at cybersecurity firm Mandiant) stated that "The criminal market is incredibly, extraordinarily efficient and continually evolving." "The fact they can operate this way is evidence of our inability to grasp the problem."
The report describes how ransomware gangs have developed new technical skills to attack cloud infrastructure. This is often viewed as a safer option to locally storing data. It also includes code that can stop industrial processes. U.S. authorities stated that they had seen ransomware attacks targeting 14 of 16 critical infrastructure sectors. This includes the defense industrial base and agriculture sectors.
Wednesday's joint report was released by the FBI, NSA and Cybersecurity and Infrastructure Security Agency in America. It also includes the United Kingdom’s National Cyber Security Centre and Australian Cyber Security Centre.
According to the report, ransomware groups were disrupted by U.S authorities in mid-2021 after hacking majorly disruptive incidents on the Colonial Pipeline in U.S.A in May and JBS SA in Brazil in June. They targeted mid-sized victims in an effort to lessen scrutiny.
However, the UK and Australian authorities stated that they have not observed a similar trend in their respective countries. Kaspersky Labs reported that ransomware-related incidents accounted for 47% in its global response in December, up from 38% in the previous year. However, the U.S. saw a 33% decrease in targeted ransomware attacks detected by its intelligence network in 2021, compared to previous years. This compares to a global 30% increase.
Ransomware has been a victim of ransomware in the past month. These include operators of maritime fuel depots, in Belgium and Germany, and media outlets in Portugal. Although Vodafone Portugal's CEO said that it had not been ransomware demanded, a cyberattack against Vodafone Portugal's wireless provider Vodafone this week showed all the signs of ransomware.
