author photo
By SecureWorld News Team
Tue | Feb 20, 2018 | 3:16 PM PST

Digital extortion has evolved into the most successful criminal business model in the current threat landscape.

The threat will take even greater mitigation efforts in the future.

We know, because we've just finished reading a fascinating report on the future of digital extortion by the Trend Micro Forward-Looking Threat Research (FTR) Team.

Future of digital extortion attacks

According to David Sancho of the FTR Team, "Online extortionists have a wide field open to them in the future," because of changes in technology and the way business gets done.

Here are five areas where digital extortion threats are forecast to grow and why, according to the new report.

Rising threat: Corporate or personal smear campaigns through new technology

Remember that video of the guy getting physically dragged off the United Airlines flight? When something is "caught on camera" we really believe it, and it can lead to significant harm of a company's reputation. And that will give extortionists a lot of power because of new tech:

"Regarding possible future targeted attacks, the development of new video and audio technologies can have a big impact for online extortionists. The University of Washington has published academic work on spoofing video footage once there is enough audio available. The software the researchers wrote can generate realistic video and audio of the target person based on arbitrary scripts. The use of these technologies to spread false declarations or news in the context of smear campaigns for extortion has an immense potential for criminals."

Rising threat: Advances in ransomware

While ransomware is already a major concern now, in 2018, Trend Micro's report lists three ways it will become more attractive to bad actors.

  • Automation of decryption key technology
    Payment of ransom and distribution of keys to recover your data will become automated. This removes a key bottleneck of the ransomware operation, giving bad actors more time to go after new targets.
  • Dynamic pricing
    Digital extortionists will continue to refine their pricing models to maximize the odds of success. They will know the nature of the business affected, the number of IP addresses on the network, and the corporate or personal value of the data they've encrypted. They will then price the ransom accordingly.
  • Polluting data to corrupt backups
    This is where extortionists will encrypt a legitimate backup, then over the course of a few days slowly alter and corrupt data on the network so that company-owned backups have been altered. Only the original backup hackers hold is of value, and you are much more likely to pay the ransom.

Rising threat: Blockchain and digital transactions

This threat will be about more than trying to steal digital currency.

"Private keys used for wallets for networks like Bitcoin and Ethereum can be targeted and used in extortion. After infecting the victim’s computer, an attacker can look for wallets or private keys in order to disable or steal the value of the currency in it. Worse than that, if instead of a currency, the blockchain network represents some other intangible asset, the attacker can alter it with unspecified consequences. Imagine things like Namecoin, a blockchain network for registering domain names, or even Ethereum being used to sign smart contracts. In a future where such a system is used to represent any complex transaction, targeting these abstract data assets might have a negative impact for the individual or company and they might feel compelled to pay extortionists."

Rising threat: Supply chain disruption

Assuming the attackers already have access to the victim’s network, "they might insert logic bombs or Trojans into specific network locations. The company will have to pay ransom before the attackers reveal where the bugs are so they can be disabled. A more insidious possibility would be for an attacker to keep backdoor access to the company and use it to mount local attacks, then extort the company in exchange for revealing the location of the backdoor."

Another option here is manufacturing process alteration. "One manufacturing process inside the company might be modified ever so slightly so that the final products are flawed but not obviously so. The criminal would then ask for money to reveal where the manufacturing machinery was modified to introduce the defects or even which exact batches were affected by the defect."

Rising threat: Holding the IoT hostage

The Internet of Things holds so much promise for all of us. This includes hackers who are in the business of digital extortion.

"An example of this would be a smart car being hijacked and rendered inoperable by an attacker, causing the car and passenger to be stranded a hundred miles away from home. In this scenario, the car owner would definitely consider paying the ransom to regain access to the car. "

That's especially true if you were headed somewhere important—a job interview, a wedding, or a meeting with a crucial client.

We've only been able to hit a few highlights here. You should check out Trend Micro's report, Digital Extortion: A Forward-Looking View, for more in-depth analysis, including how InfoSec has the opportunity to prepare now for these rising threats.

It seems clear the battle between cybersecurity teams and bad actors will continue in new and sometimes unexpected ways.

Comments