How the Russian Ransomware Model Could Spread Worldwide

by ITECHNEWS
November 30, 2021
in Opinion

Contrary to popular belief, ransomware is not a new phenomenon. We’ve seen digital extortion in one form or another for almost three decades. Yet, few could have predicted 10 years ago that cyber-criminals would be causing the shutdown of oil pipelines, disrupting food supply chains and even endangering lives. Russia has the dubious honor of being the world’s number one ransomware hub. It was widely believed that this was due to a unique set of circumstances. The problem is, they’re not actually that unique.

The Russian Story

Ransomware first emerged into the national media spotlight when WannaCry and NotPetya spread recklessly around the globe back in 2017. Until that point, ransomware was primarily the concern of IT and security teams. Yet, WannaCry and NotPetya demonstrated the devastating impact a ransomware attack could have. As devastating as WannaCry and NotPetya were, over the past few years, ransomware has evolved significantly. Cybercrime gangs calculated that they could make more money from targeting corporations with multimillion-dollar ransom demands instead of indiscriminate phishing campaigns with low-dollar ransom demands. Some groups honed their activities to include techniques more commonly associated with sophisticated APT actors, including the use of legitimate tooling to move laterally inside networks without triggering any alerts.

Then came the advent of ransomware-as-a-service and the affiliate model, which democratized the ability to launch attacks to whole new groups of actors. Fortunes are being made, and victims continue to pay, often funded by insurance policies, despite the advice of law enforcement. Crucially, the Russian state turned a blind eye.

What makes Russian cybercrime gangs so prolific? It’s not just a state that turns a blind eye to their activity, as long as it focuses outwards. It’s about having many technologically proficient graduates, a hangover from Soviet days when the state prioritized STEM subjects. It’s also a product of the fact that many of these individuals can’t find well-paid jobs without the right connections. It’s also due to the thriving underground cybercrime ecosystem, built around native language dark web forums and marketplaces where budding criminals can source new TTPs, sell stolen data and answer ‘job’ ads.

Follow the Leader

The danger for organizations in the US, Europe and elsewhere is that the Russian model could take hold in other countries very easily. Take China. It has a large workforce proficient in IT, a robust underground cybercrime economy and an autocratic government more than willing to turn a blind eye to illegal activity, as long as it’s directed at targets in the right countries – Taiwan, the US, the UK and Australia to name but a few.

Iran has a similar profile: a well-educated technical workforce but few opportunities to use and be adequately remunerated for their skills. Plus, a government that would certainly be quite happy if they decided to attack the old enemy: the United States. It doesn’t stop there. Take Brazil. The country has long been a hotbed of malicious cyber-activity, focused mainly around info-stealing and banking Trojans. It wouldn’t take much to adapt that into a thriving ransomware-as-a-service scene. It’s less likely that this democratic country would willingly harbor such criminals, but it’s not beyond the realms of possibility. We have already seen sporadic ransomware campaigns that appear to be tied to Chinese, Iranian and Brazilian cyber-criminal groups. If we start to see progress with these nascent activities, we might see more consistent and continuous success going forward.

Can We Stop Them?

The bad news is that, thus far, diplomatic efforts aimed at changing Russian geopolitical calculations have failed miserably. The Biden administration has been turning up the pressure on the Kremlin in recent months, even threatening at one stage to take unilateral action against threat groups like REvil. It has applied sanctions to some groups like Evil Corp and presented President Putin with a list of no-go critical infrastructure sectors. Little has changed.

Similar efforts at engagement with Iran and China on cyber matters have proved largely ineffective. A 2015 agreement hammered out between Barack Obama and Xi Jinping saw China agree to ‘cease’ economic espionage activity. It lasted for a few weeks.

So what hope is there for progress? It will be interesting to see what happens as a result of US sanctions against a Russian cryptocurrency exchange accused of facilitating ransomware payments for cybercrime groups. Of course, going after a single player won’t stop attacks. Yet, it may be worth expanding if the model is seen to work and creates a frustrating bottleneck for threat actors trying to receive and launder funds. The cybersecurity world, and boardrooms across the globe, await more news with bated breath.

Allan Liska, Senior Solutions Architect, Recorded Future
