The latest research results show how the business models of cybercriminals can change. Trend Micro publishes a new study that looks at the expected changes in the field of ransomware. The warning: Cyber criminals are expanding into other illegal business models and merging with state actors or organized crime.
Threat actors evolve their methods in response to corporate defense strategies, law enforcement successes, and government sanctions. This is made possible, for example, by scaling attacks due to increased automation, increased targeting of IoT and cloud environments, and improved operational security (OpSec) and monetization on the part of the attackers.
New business models and expansion plans
The Japanese cybersecurity provider's report identifies various triggers that can lead ransomware actors to change their business model. As such, either many smaller changes within the IT landscape or a few, but particularly powerful global factors come into question. Both variants can lead to cybercriminals, for example, increasingly relying on supply chain attacks in order to reduce their dependence on Initial Access Brokers (IABs). They can also use stolen data to manipulate stocks, sell more services to "traditional" organized crime, join forces with other criminal groups or even cooperate with state actors.
No panacea for defense
There is no panacea for overcoming these challenges. IT security officers and authorities should therefore deal intensively with possible changes in the business models of cybercrime. The Trend Micro report recommends a number of actions to prepare for these future scenarios, including:
- Increased protection of Internet-based and internal company systems
- Migration to cloud services
- Focusing cyber defense efforts on detection and response as well as first access vectors
- Increased government sanctions against key cybercriminal actors and intermediaries
- Regulating cryptocurrencies to increase transparency, protect consumers from fraud and make money laundering more difficult
“Change is the only constant in cybercrime. Sooner or later, economic and geopolitical forces will force ransomware groups to either adapt or collapse,” said Richard Werner, business consultant at Trend Micro. “Amid this uncertain threat landscape, IT security teams need a unified cybersecurity platform that provides visibility and control across the entire attack surface, including hybrid cloud infrastructures. The results of our study help organizations prepare for that future.” The full report, The Near and Far Future of Today's Ransomware Groups, is also available online.
More at TrendMicro.com
About Trend Micro As one of the world's leading providers of IT security, Trend Micro helps create a secure world for digital data exchange. With over 30 years of security expertise, global threat research, and constant innovation, Trend Micro offers protection for businesses, government agencies, and consumers. Thanks to our XGen™ security strategy, our solutions benefit from a cross-generational combination of defense techniques optimized for leading-edge environments. Networked threat information enables better and faster protection. Optimized for cloud workloads, endpoints, email, the IIoT and networks, our connected solutions provide centralized visibility across the entire enterprise for faster threat detection and response.