Over the course of 2021, cybercriminals organized their underground ecosystems ever more effectively, so even more professional attack patterns must be expected in the new year. According to Radware, ransomware groups in particular are increasingly looking for allies among experienced contract hackers. […]
The ransomware groups Avaddon, SunCrypt, Ragnar Locker and Hello Kitty are known for using DDoS attacks to put additional pressure on their victims. “Such groups regularly publish messages in which they hire experts in areas such as backup technology – not to repair such systems, but to destroy them,” explains Pascal Geenens, Director Threat Intelligence at Radware. “The cybercrime gang Lockbit is even running ads to recruit partners, including the operators of the Mēris botnet.”
The incentives are great. A survey of 300 US IT decision-makers found that 83 percent of ransomware victims paid the demanded ransom. And demand for hacking skills and resources from the underground has increased as ransomware operators conduct more and more successful campaigns.
From automated to manual
With highly motivated actors expecting payment from organized cybercrime groups, attacks have increasingly shifted from automated to manual, according to Radware's observations. For example, researchers at Agari have found that the reuse of leaked passwords is mostly initiated by humans rather than automated. And while it can be difficult to defend against automated attacks, it is even more difficult to defend against human intelligence, especially since these attacks are driven by the prospect of millions of dollars in payments and are correspondingly persistent.
New threats to service providers
Service providers and carriers will also have to defend themselves against new threats in 2022. Radware expects a greater number of sophisticated attacks with higher intensity and lower volume. These so-called phantom floods, which go unnoticed especially in high-bandwidth networks, can be just as harmful as the higher-volume attacks that make headlines. To detect and mitigate this new generation of attacks, network operators need to deploy more automated, granular and dynamic security solutions.
According to Radware, this whole scenario will become even more complicated with the further expansion of 5G. “5G will start to reach its full potential in 2022 and will no longer behave like 4G,” said Shai Haim, Security Product Marketing Manager at Radware. “Services with low latency will appear and prevail. There will be more movement to the cloud, more edge access points, more mobile services and smarter IoT devices.” To secure this new world order, network operators must protect their services both in the cloud and at the endpoints – smoothly, without latency and without compromising the user experience.