Thoughts FROM Searchlight’s Alex Blackman, inspired by the Searchlight cyber webinar – RANSOMWARE IN 2023: DARK WEB TRENDS & INSIGHTS.
Ransomware in 2023
It feels like you can’t open a newspaper these days without seeing a new ransomware attack (or a webinar by a cybersecurity company on the topic!). It’s a growing threat and it seems like no organizations are “off limits”, with recent attacks targeting businesses of all sizes, schools, governments, and even hospitals.
In this blog, we explore three key takeaways from our recent webinar, Ransomware in 2023: Dark Web Trends & Insights, to help cyber professionals stay ahead of these criminal groups.
Remember, you can also watch the full webinar on demand.
1. A brief history of ransomware
To kick off the webinar, Laurence Pitt, Director of Products at Searchlight Cyber gave a whistle-stop tour of ransomware groups and their TTPs, from the floppy disks around the fall of the Berlin wall in 1989, to the present day. As this clip demonstrates, the tactics of cybercriminals are continuously changing to evade cybersecurity countermeasures and to extort as much money as they possibly can from their victims.
2. What will be the three biggest ransomware trends in 2023?
Next came the inevitable “predictions for the future”. Or, as our Director of Threat Intelligence Jim Simpson put it, “the point where we look into a crystal ball and end up with egg on our face”. Egg aside, there are some clear trends we can observe from our visibility into the dark web activity of ransomware groups. These are the predictions Jim and Laurence made on where groups are likely to go next and how organizations can defend themselves from these emerging attacks:
3. the cyber threat intelligence lifecycle is like cooking a korma
Lastly, Jim treated us to an example of how the Cyber Threat Intelligence (CTI) lifecycle – a model used by cybersecurity experts to analyze the actions and motivations of attackers and implement preventative measures – can also be applied to cooking a delicious chicken korma.
This relatable metaphor demonstrates an important point for cybersecurity professionals: threat intelligence is only as valuable as the actions you can take on it. It is not enough just to know what ransomware groups are doing, security teams need to build this intelligence into threat models to determine what decisions they need to take to improve their security.