Councils face intensified ransomware threat

Groups behind ransomware campaigns are set to concentrate their attention on local government in 2016, according to a report by security experts.

The 2016 Threats Predictions report by cybersecurity firm McAfee Labs said that such attacks, which are already happening, are set to grow significantly next year.

Ransomware is malware which prevents users from accessing their systems or data and demands money for the victim to regain access.

Christiaan Beek, director of threat intelligence, malware operations, at McAfee Labs, said: “The groups behind most current ransomware campaigns are going for ‘fast cash,’ by using spam campaigns and exploit kits such as Angler, and targeting wealthy countries in which people can afford to pay the ransom.

“While we expect this to continue in 2016, we also foresee a new focus on industry sectors including financials and local government, which will quickly pay ransoms to restore their critical operations.”

Related content

Isis hacking reports ‘mistaken’, says council
Sophos State of the Nation: An inside view of current IT security policy and future changes in local government and police

Beek said that, usually, only Microsoft Office, Adobe PDF and graphics files are targets, but that the range of file extensions targeted is expected to grow.

In addition, attacks will start targeting Mac OSX due to its growing popularity.

McAfee Labs also said that the motivations of hackers are becoming increasingly unclear following the Ashley Madison hack, where an unknown group released user data from the extra-marital dating site.

The report said the attack “does not sound like a high-minded, clearly defined political or social action, which is a cornerstone of a true hacktivist attack.”

Last year, a group claiming to be Anonymous executed a series of cyberattacks on Canadian police, court, and government institutions last year.

Anonymous denied involvement, saying that they would not condone some of the actions taken by the attackers. The incident remains unexplained.

Raj Samani, vice President, chief technical officer for Intel Security in Europe, the Middle East, and Africa at McAfee Labs’ parent company Intel, said: “It is possible that these actions and others like them are the work of chaotic actors—those who just want to see things burn.

“If that is true, then we may be entering a world of vandalism at an industrial scale.”

However, he said that the motivation also be classic cybercrime using hacktivism as a mask, or even “false flag” operations aimed at discrediting Anomymous.

Colin Marrs

Learn More →

Leave a Reply

Your email address will not be published. Required fields are marked *

Thank you! Your subscription has been confirmed. You'll hear from us soon.
Subscribe to our newsletter