Ransomware is not only getting worse, but attackers are also speeding up their attacks by using offensive tools to steal valid credentials and hit targets quickly and accurately. The way the practice works has changed a lot in the last five years. At first, attackers tried to encrypt data, but now they threaten to steal it to get victims to pay.
Threats of triple extortion to reveal stolen data quickly replaced threats of double extortion. Threat actors also stopped threatening companies and started contacting victims directly to get money.
"You can just log in if you can get your credentials." Related: A flaw in Google's Gemini AI Panel makes it possible for hackers to take control of it. Attackers are also rushing to use AI as businesses do.
It's making ransomware better, mostly when it comes to gathering information. Arctic Wolf saw hackers use AI to do general and vulnerability research on victim organizations. Matt Hull, vice president of cyber intelligence and response at NCC Group, says that attackers are using AI in two main ways: scaling and automation, and high-fidelity social engineering tactics. He warns that these advanced tactics are "fundamentally changing the risk profiles for enterprise."
