Hackers are thought to be moving away from 'high volume, low-value' methods of attack, opting instead to target senior managers with access to firms’ bank accounts and with the authority to sanction payments.

This is the warning issued by cyber analytics provider, CyberCube, which suggests cyber criminals may even use artificial intelligence to construct algorithms to hunt for individual targets.

Its latest report on ransomware trends predicts that criminals will more closely calibrate their ransom demands to an organisation’s financial performance, data assets and other measurables. This includes appetite and ability to pay ransoms.

Oliver Brew, one of the report’s authors, said: “The business model for cyber crime is evolving rapidly. Threat actor groups are conducting campaigns and adjusting their models to extract greater value from a smaller number of attacks. Recently, we’ve seen some very sophisticated and aggressive organised criminal groups conduct carefully targeted ransomware attacks, which mark a move away from the traditional high volume, low-value approach.”

According to figures from cyber security specialist Symantec, the volume of cyber attacks focusing on consumers has fallen from 69% in 2016 to 19% in 2018. In hand with this, payment demands are increasing, rising to millions of dollars in some instances.

Darren Thomson, Head of Cyber Security Strategy for CyberCube, added: “Insurers need to take a forward-looking view of cyber threats like ransomware. That’s why CyberCube is investing in research and development necessary to help the insurance industry anticipate how these attacks are evolving. It’s important to remember that the amount of ransomware attacks like Travelex which have gone public are just the tip of the iceberg.”

Share Story: