Ransomware, AI, and Cybercrime-as-a-Service on the Rise

Cybersecurity trends highlight a surge in ransomware attacks, increased use of artificial Intelligence by cybercriminals, and the growth of cybercrime-as-a-Service, underscoring the need for heightened digital security measures.

FREMONT, CA: The world of digital security has observed significant trends that have garnered the interest of experts and organisations worldwide. These trends revolve around three main issues: the surge in ransomware attacks, the growing use of artificial intelligence (AI) in cyber threats, and the emergence of cybercrime-as-a-service as a concerning development.

One of the most pressing concerns in cybersecurity is the increase in ransomware attacks. Among these, a ransomware strain called LockBit has been particularly prominent, accounting for 30.3 per cent of all observed ransomware cases. Moreover, new variants such as Akira and Luna Moth have surfaced, further complicating the security landscape.

LockBit, in particular, has undergone updates that allow it to target newer operating systems like Linux and macOS. This expansion of its target range increases the number of potential victims and underscores organisations' importance in fortifying their defences. The new variants of ransomware in the wild can potentially cause even more harm to unsuspecting victims.

Akira, a recently identified ransomware group, has sent shockwaves through the cybersecurity community. While it is currently vulnerable to decryption through a readily available tool, experts anticipate that the threat actors behind Akira will swiftly address this flaw with updates, making it a continuous threat.

Cyberattacks have increasingly targeted the professional services sector, which handles sensitive client data. This sector's attractiveness to cybercriminals lies in its vulnerability to exploitation. Despite the surge in ransomware attacks, it is noteworthy that only 19 per cent of victims have opted to pay the ransom. This suggests a growing awareness among organisations that paying a ransom does not guarantee their data recovery or protection against future attacks.

While the ransomware-as-a-service (RaaS) model has dominated the cybercrime industry in recent years, it has been paralleled by the growth of cybercrime-as-a-service. This development has significantly lowered the barriers to entry for aspiring cybercriminals, providing them with access to a wide range of resources essential for executing effective attacks. Consequently, this parallel growth allows threat actors to navigate the attack lifecycle more efficiently, making the cybersecurity landscape increasingly complex.

AI has proven to be a double-edged sword in the world of cybersecurity. While AI tools have filters designed to prevent misuse, cybercriminals have found ingenious ways to bypass these safeguards. One disconcerting revelation is using AI tools, such as ChatGPT, to identify vulnerabilities, reverse-engineer shellcode, and even generate malicious code for malware. Shockingly, discussions have emerged in hacking forums regarding the use of ChatGPT in creating and distributing malware.

The emergence of WormGPT, a version of the popular AI chatbot ChatGPT, has sent shockwaves through the cybersecurity community. This AI is harnessed to generate malicious content, including phishing emails, malware code, fake news, and deceptive social media posts.

WormGPT, in particular, lacks ethical boundaries or safety mechanisms, allowing it to respond to harmful or illegal requests. Moreover, it is allegedly trained using data sources that include malware-related information, adding another layer of concern.

Ransomware attacks have evolved in scale and sophistication, with new strains and targets emerging. Simultaneously, the growth of cybercrime-as-a-service has democratised access to malicious tools and services. Once seen as a potential saviour in cybersecurity, threat actors have exploited AI, posing new challenges for defenders. In this evolving digital landscape, organisations and security experts must remain vigilant and adapt swiftly to counter these emerging threats. Staying informed about these trends is crucial in maintaining adequate digital security.