A new report gives a stark warning that ransomware will “wreak havoc on America's critical infrastructure community” in 2016. The report, published by the Institute for Critical Infrastructure Technology (ICIT), compiled reported incidents of ransomware and predicted that previously exploited vulnerabilities will soon be utilized to extract ransom.
Unless hackers are state-sponsored or part of a well-organized cybergang, the individual attacker is often unsure of how to successfully capitalize on exploits. Attackers enter into revenue-sharing agreements with script kiddies, said James Scott, senior fellow at the Institute for Critical Infrastructure Technology (ICIT), in speaking with SCMagazine.com. “A lot of these attackers are going to be capitalizing on vulnerabilities that they dialed in last year,” he said.
On ransomware dark web forums, attackers announce their positions at specific targets and then lie in wait. “They are setting up alliances and trying to become more intertwined in the organizations.”
Check Point president Amnon Bar-Lev confirmed this trend. In speaking with SCMagazine.com, he said ransomware “is much more of a problem than people anticipate.”
The ICIT report projected that ransomware attacks will evolve, much as phishing attacks, once the domain of the least adept attackers, have since grown into complex spear phishing attacks. “The evidence suggests that the threat landscape is shifting towards more profitable sectors,” the report noted. For instance, the Hollywood Presbyterian Medical Center attackers demanded 9000 Bitcoins ($3.6 million). After negotiation, the hospital paid 40 Bitcoins ($17,000). The ransomware attackers “did not demand the typical user ransom of $210-420.”