Fraud Management & Cybercrime , Malware as-a-Service , Ransomware

Ransomware: No Longer Sexy, But Still Devastating

James Lyne of Sophos Rounds Up the Latest Cybercrime Trends and Defenses
James Lyne, global research adviser, Sophos

We need to talk about ransomware, says James Lyne of Sophos.

See Also: Mitigating Identity Risks, Lateral Movement and Privilege Escalation

"It's not the big, sexy security topic that it once was, but there's some really interesting evolution in their tactics," he says. "For example, there are three campaigns that since January are just skyrocketing; they're super popular."

Specifically, he mentions Data Keeper, Satan and Gandcrab ransomware.

Data Keeper, for example, allows users to sign up for free and customize their malware. Then the site generates it for free, giving users a referral fee for every time their ransomware successfully compromises a victim.

The ransomware-as-a-service offering makes it "point-and-click easy for people to generate new ransomware," Lyne says. And it's just one example of a number of sites that are "bringing a whole load of new types of criminals ... to fraud that weren't there before, which I think is really, really scary."

In other words, organizations shouldn't take their eyes off the ransomware problem. "It's still a huge problem ... and the cybercriminals are very much still innovating here," he says.

In a video interview at the recent Infosecurity Europe conference in London, Lyne discusses:

  • Ransomware trends;
  • New criminal business models;
  • Why artificial intelligence and machine learning will be transformative for large parts of the security industry and potentially also for criminals.

Lyne is a global research adviser at Sophos, head of research and development and creator of CyberStart at SANS Institute, and the founder and director of security research firm Helical Levity. He has worked with many organizations on security strategy, handled a number of severe incidents and is a frequent industry adviser. He is a certified instructor at the SANS institute and often presents at industry conferences.


About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.