Ransomware Gangs Turn To Info Stealing

Security Week focused on conflicting reports that came out in February, IBM’s Threat Index claiming that ransomware attacks were down more than ten percent, and Delinea reporting that such attacks were growing almost exponentially.

It’s a question of definition, it seems. Delinea equates ransomware with extortion. IBM equates it specifically with encryption.

Because more companies are heeding the standard advice not to pay decryption ransoms, attackers are changing tactics. They find that stealing data is a better method of extorting payments. Notably, IBM says that ‘data theft and leak’ attacks increased by 32 percent, which more than offset the decline in encryption ransomware. “Theft and leak” is simply the tool of choice.

That analysis does not apply to manufacturers, Security Week explains, because downtime due to encryption can be more costly than data blackmail

The looming threat comes from machine learning/artificial intelligence technologies. In 2023, IBM viewed 800,000 posts in the cyber underworld mentioning AI and GPT. Criminals are salivating at the potential these technologies represent, and according to Security Week, the question is not if but when the AI threat will become real. 

IBM’s analysis looks to cybercrime history to predict when AI will become the biggest threat. Ransomware, business email compromise, and cryptojacking all accelerated when the platforms of use had at least one-third of market share.

“These patterns suggest that for cybercriminals to see ROI from attacking AI platforms and for developing easy-to-use tools on the criminal underground, the technology they’re targeting must be ubiquitous across most organizations in the world,” says IBM.