Ransomware strains are getting quicker and sharper than ever before

News
By
published

Some ransomware threats are deployed within hours

Ransomware
Image Credit: Shutterstock (Image credit: Shutterstock)

We’re witnessing the next step in the evolution of ransomware, new research from Secureworks has claimed, saying the dreaded malware strains are getting quicker and sharper than ever before - in direct response to the cybersecurity industry’s reaction to the threat.

In 2022, it took ransomware operators 4.5 days on average between initial access and the deployment of the encryptor. Today, that number fell below a single day - and in fact, in more than 50% of engagements, ransomware gets deployed within a day, and in 10% of cases, it gets deployed within five hours. 

The reason for this significant change is the cybersecurity teams’ response to the threat of ransomware. They’re getting better at spotting the initial signs that might lead to ransomware, forcing hackers to move faster. 

Faster than the defenders

“The driver for the reduction in median dwell time is likely due to the cybercriminals’ desire for a lower chance of detection,” commented Don Smith, VP Threat Intelligence, Secureworks Counter Threat Unit. 

“The cybersecurity industry has become much more adept at detecting activity that is a precursor to ransomware. As a result, threat actors are focusing on simpler and quicker to implement operations, rather than big, multi-site enterprise-wide encryption events that are significantly more complex. But the risk from those attacks is still high.”

Despite the change, cybercriminals are still using the same methods to deploy the same variants. In most cases, they go for scan-and-exploit, stolen credentials, or commodity malware distributed via phishing emails.

Through these channels, they get to deploy the usual suspects: LockBit, BlackCat, and Cl0p. There are also new entrants to the market - up-and-coming encryptors that are slowly making a name for themselves: MalasLocker, 8BASE and Akira are all newcomers worthy of attention, the researchers said. In fact, 8BASE listed nearly 40 victims on its leak site in June 2023, only slightly fewer than LockBit. 

Secureworks’ full report can be found on this link

More from TechRadar Pro

TOPICS
Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
ransomware avast
AI is helping hackers get access to systems quicker than ever before
Ransomware attack on a computer
Ransomware attacks surged in 2024 as hackers looked to strike faster than ever
ransomware avast
“Every organization is vulnerable” - ransomware dominates security threats in 2024, so how can your business stay safe?
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
More reports claim 2024 was the worst year for ransomware attacks yet
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
Less than half of ransomware incidents end in payment - but you should still be on your guard
Hands typing on a keyboard surrounded by security icons
35 years on: The history and evolution of ransomware
Latest in Security
An American flag flying outside the US Capitol building against a blue sky
Sean Plankey selected as CISA director by President Trump
Ai tech, businessman show virtual graphic Global Internet connect Chatgpt Chat with AI, Artificial Intelligence.
Nation-state threats are targeting UK AI research
Scam alert
Fake jobs and phone calls: How Americans lost $12.5 bn to fraud in 2024
Application Security Testing Concept with Digital Magnifying Glass Scanning Applications to Detect Vulnerabilities - AST - Process of Making Apps Resistant to Security Threats - 3D Illustration
Google bug bounty payments hit nearly $12 million in 2024
Scam alert
A new SMS energy scam is using Elon Musk’s face to steal your money
Representational image of a cybercriminal
Allstate sued for exposing personal customer information in plaintext
Latest in News
Mufasa is joined by another lion, a monkey and a bird in this promotional image
Mufasa: The Lion King prowls onto Disney+ as it finally gets a streaming release date
An American flag flying outside the US Capitol building against a blue sky
Sean Plankey selected as CISA director by President Trump
An Nvidia GeForce RTX 4060 on a table with its retail packaging
Nvidia RTX 5060 GPU spotted in Acer gaming PC, suggesting rumors of imminent launch are correct – and that it’ll run with only 8GB of video RAM
Indiana Jones talking to a friend in a university setting with a jaunty smile on his face
New leak claims Indiana Jones and the Great Circle PS5 release will come in April
A close up of the limited edition vinyl turntable wrist watch from AndoAndoAndo
This limited-edition timepiece turns the iconic Technics SL-1200 turntable into a watch, and I want one
A close up of Gemma sitting down in Severance season 2 episode 7
'I'm like Gemma – I'm in the dark': Severance star Dichen Lachman shares disappointing filming update for the popular Apple TV+ show's third season
More about security
An American flag flying outside the US Capitol building against a blue sky

Sean Plankey selected as CISA director by President Trump
Scam alert

Fake jobs and phone calls: How Americans lost $12.5 bn to fraud in 2024
Meta QLC Server

Facebook engineers say bigger hard disk drives is making one critical metric far, far worse
See more latest
Most Popular
Meta QLC Server
Facebook engineers say bigger hard disk drives is making one critical metric far, far worse
Mufasa is joined by another lion, a monkey and a bird in this promotional image
Mufasa: The Lion King prowls onto Disney+ as it finally gets a streaming release date
Two iPhones showing Apple HomeKit settings
Still using an iPad as a Home Hub? Bad news – Apple is about to end support for it
Horizon Zero Dawn Remastered
Future PlayStation games could have AI-powered characters, if this leaked prototype of Aloy is anything to go by
An American flag flying outside the US Capitol building against a blue sky
Sean Plankey selected as CISA director by President Trump
Scam alert
Fake jobs and phone calls: How Americans lost $12.5 bn to fraud in 2024
Indiana Jones talking to a friend in a university setting with a jaunty smile on his face
New leak claims Indiana Jones and the Great Circle PS5 release will come in April
OpenAI
OpenAI wants to help your business build its next generation of AI agents
A close up of Gemma sitting down in Severance season 2 episode 7
'I'm like Gemma – I'm in the dark': Severance star Dichen Lachman shares disappointing filming update for the popular Apple TV+ show's third season
An Nvidia GeForce RTX 4060 on a table with its retail packaging
Nvidia RTX 5060 GPU spotted in Acer gaming PC, suggesting rumors of imminent launch are correct – and that it’ll run with only 8GB of video RAM