Security firm LIFARS confirms that cybercriminals are acting like venture capital investors, funding startup cybercriminal organizations, such as Darkside Ransomware.
OK, now this is officially getting scary.
It was bad enough when we saw ransomware gangs join forces behind Maze to create a data publishing cartel. Then it got worse when we saw Ransomware as a Service take a major evolutionary step and get more organized. Next, we got a glimpse into the cybercrime ecosystem that is continuing to grow.
Now, it just makes sense that, because some of these groups have made literally tens or hundreds of millions of dollars, they are doing what any other successful business person would do with a lot of capital – invest it.
According to cybersecurity firm LIFARS, the ransomware ecosystem is creating its own venture capital model with ransomware gangs backing new cybercriminal startups in exchange for a percentage of future earnings.
This has serious ramifications; the next generation of malware now has money backing it. That means more organized development teams, faster time to market, and more effective ransomware.
The only way to thwart this next generation of cybercriminals is to look at the parts of the attack they can never modify – the need for a human to get involved via phishing. Security Awareness Training keeps those humans from falling for phishing, spear phishing, vishing, SMiShing, or social engineering tactics used to trick victims into clicking links, opening attachments, or responding to malicious requests – thereby, stopping a significant part of ransomware attacks– no matter who’s paying for it.