The next severe cyber threat targeting consumers may be ransomware. If you’re a hacker, ransomware is very appealing because it allows you to collect payment directly from the victim as opposed to fencing stolen data. Most users aren’t aware of how vulnerable they are to ransomware. Experts seem to agree that ransomware could be a major digital threat over the next five years.
This issue was presented in a panel discussion at Georgetown Law’s “Cybercrime 2020: The Future of Online Crime and Investigations” conference, held December 4, 2014. Author Brian Donohue writes in ThreatPost:
Indeed the panel agreed that ransomware is likely the future of cyber crime, at least as far as consumers are concerned. ‘I think we are going to see ransomware scale well in the Internet of things,’ Dai Zovi said. ‘It’s already targeting networked storage.’
Ransomware is basically a two-step scheme: malware is installed that encrypts or locks a machine and demands direct payment to decrypt or unlock.
In payment processing schemes, cyber criminals need to install the malware and figure out how to quietly exfiltrate the data they’re after. Once they have the data, they need to convert it into something they can use or sell. Adding to the difficulty for POS schemers, banks are increasing their security and putting into practice more secure payment forms like EMV.
Also, within payment processing schemes a very low percentage of stolen credit cards ever gets sold. In a recent episode of 60 Minutes, Brian Krebs of krebsonsecurity.com estimated that only 5% of the credit cards stolen in the Target breach will ever be sold. Essentially, thousands of credit cards need to be stolen to make the scheme worthwhile.
One of the most prolific ransomware campaigns in history was known as CryptoLocker, and it demonstrated how much money could be made by well-organized ransomware campaigns. Security firm Fox IT mentions in its blog that CryptoLocker earned an estimated $3 million US for the group responsible over a nine-month period.
Favorite targets for website-based malware campaigns are major brands since they typically have thousands of web properties that are difficult to police and keep tabs on. For example, organizations with sprawling web presences tend to have large numbers of orphaned web pages, which are often unpatched and ripe for exploitation.
Ransomware is also a much more damaging digital threat to consumers than credit card theft. “Ransomware is the future; it’s going to touch the consumer hard,” said Rick Howard, CSO, Palo Alto Networks. “Banks cover credit card fraud. Just wait until [criminals] start poking you for $20 per month.”
In other words, consumers have thus far tolerated credit card breaches because they can recover what was stolen. What happens when they aren’t reimbursed? Odds are low that law enforcement will be able to help, and banks are not responsible.
It may seem far-fetched to believe malware spread via websites can reach enough computers to have a serious impact on consumers. However, a recent report on a malvertising campaign known as “The Kyle and Stan Malvertising Network” indicates that malvertisements appeared on “mammoth websites” over a prolonged period of time.
There is no silver bullet when it comes to addressing malware, and therefore no true preventative security solution for its variations like ransomware. However, maintaining constant vigilance with purpose-built detection and insight from experts can provide a strong foundation to address, respond to and mitigate campaigns before they cause widespread damage.
RiskIQ has put together a highly advanced digital threat detection system that focuses on the interaction points between large-scale Internet infrastructures and users. We’ve invested heavily in developing a detection system capable of simulating real user sessions in order to coax out well-disguised malware.
The scale of our web crawling technology allows us to offer customers continuous monitoring over all web assets. Brands looking to protect their online customer base can rely on RiskIQ to help them keep a watchful eye out for potential digital threats like ransomware.