<— Back

Once Gifted is always Gifted

Ransomware threats continued to be prevalent in 2023, Talos is seeing a significant surge in the evolution of the new players in the ransomware threat landscape. In our Year in Review 2022 report, we highlighted that the ransomware operators are moving away from operating as silos, and more diverse groups were started appearing. The shift in the trend has continued that not only operating from a diverse group but many new threat actors or cyber criminals whose skill sets range from less – more sophisticated have evolved in the ransomware threat landscape.

Talos believes that one of the important reasons behind the increase of new players in the ransomware threat landscape is the leaking of the ransomware source code or builders. The threat actors are heavily leveraging on modifying the leaked ransomware source code or utilizing the leaked ransomware builders, creating newer versions of ransomware with minor modifications.

Conclusion:

With more cybercriminals gaining access to the ransomware source code or builders, the overall frequency of ransomware attacks would increase. Defenders and Incident responders should be vigilant about the new ransomware families and the threat actors attempt to disguise as known ransomware families. Organizations should be meticulous about enhancing their proactive security measures, implementation of proven backup and recovery strategies, incident response capabilities, and promptly patching and updating their digital infrastructure, along with employee education in creating awareness of the implications of security breaches on the organization.