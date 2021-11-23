Among so many threats to cybersecurity, undoubtedly the ransomware it is one of the most feared. That someone can take control of your files, encrypt them, and force you to pay a ransom to get them back, is a nightmare that nobody wants to experience. But worst of all is that these attacks are increasingly sophisticated thanks to a state of permanent evolution; and that is why it is increasingly common to run into infections of this type that harm individuals, companies, institutions or organizations.

During 2021 we have seen an increase in the number – and scale – of ransomware attacks, and it is no accident. And sadly, the outlook is not much better for 2022, according to Sophos (via ZDNet). The well-known security company released its threat report for next year this month, and the outlook for ransomware is dire. So much so that they define it as “a new hole” that attracts other cyber threats in order to form “a massive and interconnected ransomware delivery system”.

Basically, what the specialists are saying is that ransomware is so dangerous and lucrative that is changing the cybercriminal ecosystem. And here the escalation of ransomware “as a service” or RaaS (Ransomware as a Service) plays a key role. This is clearly not something new, and it is a topic that we have already covered in the past; however, the methods that underpin it also change as the years go by.

One of Sophos’s warnings heading into 2022 is that ransomware it will be more modular. Specifically, it refers to the fact that there are more and more groups destined to develop and sell specific elements that are necessary to carry out an attack of these characteristics. Thus, criminals no longer even have to worry about creating their own tools, but can instead rely on the work of different vendors to obtain the corresponding “parts”.

Ransomware and a worrying outlook for 2022

Photo by Michael Geiger on Unsplash

As we mentioned earlier, the Sophos report speaks of a change in the cybercriminal ecosystem fueled by the evolution and sophistication of ransomware. In addition, the company considers that other threats considered common, and that existed long before ransomware, now serve as pawns for criminals who operate attacks that “hijack” the files of an individual or organization. In this case, the loaders, droppers and Initial Access Brokers.

“This is distorting the landscape of cyber threats,” says the company’s principal investigator, Chester Wisniewski. “Ransomware thrives on its ability to adapt and innovate. While the RaaS offerings are not new, in previous years their main contribution was making ransomware available to less-trained or less-funded attackers. This has changed, and in 2021 , RaaS developers are investing their time and energy in creating sophisticated code and determining the best way to extract larger payments from victims, insurance companies and negotiators. Now they are entrusting others with the tasks of finding victims, installing and run the malware, and launder the stolen cryptocurrencies, “he said.

But this is not all. The report also estimates that pressure on victims will increase “in range and intensity” so they pay the ransom for their files. Among the most used methods this year are personal data exposure, phone threats and denial of service (DDoS) attacks.