Black Hat , Events , Fraud Management & Cybercrime
Ransomware Gangs Are in Decline But Still Make Lots of Noise
RedSense's Bohuslavskiy and Smith on How Attacks on Healthcare Show DesperationRansomware groups may be on the decline, but they still pose major threats. Cybercriminals are more desperate these days. They are targeting previously unthinkable victims, such as children's hospitals and cancer centers, and creating the illusion of increased activity, according to two experts from RedSense, Yelisey Bohuslavskiy, partner and chief research officer, and Marley Smith, principal threat researcher.
See Also: Protecting Australia’s Vital Energy Grid with Stronger Security Culture
Over the past five years, advancements in tools such as endpoint detection and response, compliance measures and AI have bolstered defenses, while attackers have continued to use the same tactics, code and personnel they've had since the ransomware boom began. "Ransomware is in a state of deterioration. It's just a very slow one," Bohuslavskiy said.
"What we are seeing is the novelty of threats and tactics in order to strike fear into the average person, because at this point, any publicity is good publicity," Smith said. "If they're not constantly being mentioned in the 24-hour news cycle, it may look like they're actively dying. So, just because things are in decline doesn't necessarily mean that they're less present in the average person's life. If anything, they're probably much more at the forefront."
In this video interview with Information Security Media Group at Black Hat 2024, Bohuslavskiy and Smith also discussed:
- Why healthcare attacks are rising, despite declining trends in other sectors;
- The role of law enforcement in ransomware group takedowns and the psychological toll on attackers;
- Key ransomware trends expected in 2025.
Prior to RedSense. Bohuslavskiy was the co-founder and head of research and development at threat intelligence firm Advanced Intelligence. He previously worked as a cyberthreat intelligence analyst at Flashpoint and due diligence researcher at Kroll.
Smith works on RedSense's intelligence team, conducting in-depth investigations of ransomware syndicates, novel malware, state-affiliated threat groups and the constantly evolving dynamics of the cybercrime ecosystem.