Data hijacking or ransomware has been experiencing a boom in recent months. Cybercriminals are finding in this type of network attack a way to obtain merchandise that is as valuable as it is susceptible to its owners, and cybersecurity defenses are not always the most appropriate to prevent it.
The latest Cybernomix 101 study from Barracuda Networks indicates that 7 out of 10 companies have suffered ransomware attacks in the last year, highlighting that 61% of victims of these ransomware attacks paid the ransom to recover their data.
As if that were not enough, half of those surveyed for this research affirm that AI will allow cybercriminals to carry out more attacks, while 62% confirm that this technology is helping their sophistication.
But why are these data hijackings in fashion? Do cybercriminals really seek more ransoms than the value of the data itself? For Miguel López, CEO of Barracuda Networks, the answer is this: “They actually look for both. Cybercrime has become professionalized to incredible levels and we currently see how there are groups that specialize in direct extortion while others focus on monetizing stolen data by selling it to different groups. Many times these groups collaborate in the attack,” he explains.
According to López, “the double extortion model has been consolidated in ransomware, that is, the data is encrypted to make it inaccessible and demand a ransom for it, but simultaneously it is also stolen to threaten to disclose it,” which makes “the attacked entity be more inclined to pay, both to recover the use of your data and the continuity of your operations, and to avoid the bad image and possible legal repercussions that the theft of that data may have.”
The result is that many of the attacked entities give in and pay an often unsatisfactory ransom: “This payment does not always guarantee obtaining the decryption key (and therefore the recovery of access to that data) and, furthermore, the data that have been stolen are never recovered, they are already outside the organization and the attackers monetize them by reselling them to other groups or using them in future attacks,” highlights the specialist.
You have to put yourself in the shoes of these companies that pay for data ransoms to understand why they do it, since “both the prestige, or the image of the company, and the importance of the stolen data are very important factors in time to encourage the company to make the payment”, although López gives an even more important one: in many cases the ransomware attack completely prevents the entity’s operations.
“In these cases in which the attack paralyzes the activity completely and the attacked organization cannot recover on its own, since it lacks backup copies (or these were not made with the appropriate security policies and have also been compromised) “It is common for payment to be made simply because, if not done, the risk of total indefinite blocking of activities can lead to the disappearance of the entity,” he recalls.
In this context where the cybersecurity of companies is being violated, artificial intelligence has also entered the scene: “There are a multitude of scenarios where the use of AI-based tools can help cybercriminals carry out more sophisticated, more aggressive or more aggressive attacks. credible. We have probably not even been able to imagine many of these scenarios yet,” says López.
For this reason, he explains that AI can serve “to make phishing emails, in any language, have a more natural and credible language, making it more likely that the recipient of the message will be deceived” or that certain AIs will be asked to “that improve the development code of various types of malware, making them more harmful or simply more difficult to detect.”
In addition to this, AI “is capable of generating completely credible photographs or even videos and audio that can impersonate anyone” to the point that it affects “our boss or a family member in a totally credible video, inciting us to click.” “by linking to a malicious site and ignoring warning messages from security tools.”
Although AI is a threat, it is also a defensive weapon: “Most of the leading cybersecurity providers have been using tools based on machine learning and artificial intelligence for years to improve detection and response to different attacks,” recalls López. .
In other words, “the use of artificial intelligence in cybersecurity tools is currently mandatory to deal with attacks that are becoming more targeted and specific every day and whose detection, using other more traditional tools (such as signature files) , heuristics, or the analysis of the reputation of IPs), would be practically impossible.”
These rapid changes in the conception of cybersecurity and new methods of attack on the network mean that companies and institutions are actively seeking cybersecurity experts with quality training.
With this Master in Cybersecurity you will train in techniques for detecting and preventing cyber attacks, as well as incident management and data recovery. The course syllabus covers a wide variety of topics, such as digital forensics, information protection, cloud security, risk management and cybersecurity legislation.
Thanks to the Master’s Degree in Cybersecurity you will learn the use of the most avant-garde tools in the Computer Security sector such as Kali Linux, Fortify, Sandas GRC, Foca or eMarisma and you will be able to conclude your master’s degree with a double degree, specializing in Industrial Cybersecurity.
This Master in Cybersecurity aims to train computer security professionals capable of controlling the methodologies and techniques necessary to manage, plan, design and implement the procedures necessary to optimize the security of different assets, taking into account the latest recently appeared threats.