Ransomware Is Getting Smarter and Harder to Defend Against

Businesses are at risk of quicker and sharper malware strains, a new study warns.

According to a new report, ransomware is expanding, diversifying, and becoming much harder for businesses to defend against.

Elastic’s latest Global Threat Report (GTR) analyzed over a billion data points from the past 12 months to better understand the ransomware-threat landscape and found that almost every attack on cloud infrastructure starts with credential theft.

This coincides with the recent news that ransomware activity in September 2023 reached unprecedented levels with over 514 attacks, and cybersecurity threats have jumped by 40% in four years.

Defense Has Become a “More Tedious” Task

Elastic’s GTR observed malware signatures, endpoint behavior, and adversary campaigns. It also looked at threat forecasts for the year ahead, commenting that ransomware was now a “much harder, tedious task” to defend against.

The report found that a blend of off-the-shelf tools and “highly prevalent” ransomware families made up the majority of the malware. Similarly, over half of observed malware infections targeted Linux systems, and around 91% of malware signature events were recorded on Linux endpoints. This contrasts with Windows, which accounted for around 6%, likely due to threat actors lingering in platforms with low visibility.

There Could Be Trouble in the Cloud

Businesses migrating from on-premises IT infrastructure and software solutions to cloud-based ones are particularly at risk, according to the GTR. 

The pace and volume of businesses making the move to the cloud can result in lax access controls, unsecured credentials, and various misconfigurations, which could leave a previously secure solution susceptible to attack. Threat actors have recognized these flaws and are using them to deploy malware.

Elastic’s Head of Security Intelligence and Director of Engineering Jake King explained: “Today’s threat landscape is truly borderless, as adversaries morph into criminal enterprises focused on monetizing their attack strategies. Open source, commodity malware, and the use of AI have lowered the barrier to entry for attackers, but we’re also seeing the rise of automated detection and response systems that enable all engineers to better defend their infrastructures. It’s a cat-and-mouse game, and our strongest weapons are vigilance and the continued investment in new defense technologies and strategies.”

The Next Step in Ransomware Evolution

Only one year ago, it took ransomware operators an average of four and a half days between initial access and deployment of the encryptor. Now that time has fallen to below a single day, with more than 50% of engagements deployed within 24 hours. In 10% of cases, that deployment time can be as little as five hours.

The reason behind this increase in speed is perhaps ironic. With cybersecurity teams ramping up their response to threats, hackers too have evolved to work faster. So there’s no doubt about it, we’re entering the “next step in the evolution of ransomware,” but what are the tangible steps you can take to better protect yourself and your business?

From installing encryption software and using a VPN to limiting access to critical data, there are a number of simple yet hugely effective cybersecurity measures you can take to defend against a ransomware attack and help keep the GTR figures from climbing any higher.

Written by:
Ellis Di Cataldo (MA) has over 9 years' experience writing about, and for, some of the world’s biggest tech companies. She's been the lead writer across digital campaigns, always-on content and worldwide product launches for global brands including Sony, Electrolux, Byrd, The Open University and Barclaycard. Her particular areas of interest are business trends, startup stories and product news.