FEATURE : DATA SECURITY
Of all the types of cyberthreat activity across the region , it is eCrime that has seen a rapid increase since the virus first appeared earlier this year . Indeed , the CrowdStrike Threat Intelligence team has seen an increase in eCrime up over 330 % since the start of the year versus in 2019 .
The objectives of eCrime actors are shifting as well . Taking control of an organization ’ s IT infrastructure and then demanding payment for its release is now a primary tactic and in some cases threatening extortion .
The rising threat of ransomware
In the current threat landscape , ransomware continues to prove one of the biggest challenges for organizations across the region . Designed to bring organizations to a grinding halt so victims are forced to pay to regain access to critical data stores , it is a technique of choice for cybercriminals around the world .
If a victim refuses to make the demanded payment , the cybercriminal may threaten to make public some of the organization ’ s sensitive data . If payment is still not made , that data could then be posted to a site on the Dark Web where it can be accessed and potentially used by other parties .
A recent example of a criminal organization using ransomware is Smaug . This ‘ Ransomware-as-a-Service ’ threat allows criminals who lack the right technical skills to still mount an attack against a target . Users have to pay an upfront fee to use the service and then a certain percentage of any ransomware payments received .
The WastedLocker adversary group recently emerged and is designed to be tailored to work against specific target organizations . Operated by the cybercriminal group Evil Corp Gang , WastedLocker works by making a preliminary attempt at penetrating an IT infrastructure then collects information about the defenses in place and these are then taken into account before a second attack is mounted . Ransom demands received by victims so far have been very large , ranging from US $ 500,000 to more than US $ 10 million , payable in Bitcoin .
Scott Jarkoff , Director , Strategic Threat Advisory Group , APJ and EMEA , CrowdStrike
Key threat actors
CrowdStrike Intelligence has been observing the increasing sophistication of criminal organizations on a daily basis .
The adversary group Pinchy Spider , responsible for the now retired GandCrab ransomware , has developed a new
54 INTELLIGENTCIO www . intelligentcio . com