NSA: Ransomware Gangs Are Getting Rich Enough to Buy Zero-Day Exploits
The US National Security Agency (NSA) is highlighting a disturbing trend of ransomware gangs using their profits to buy zero-day exploits and to fund research into software vulnerabilities they can use to hack more targets.
“Because of the amount of money going into the ecosystem, [the ransomware gangs] are moving also to zero-days,” NSA Director of Cybersecurity Rob Joyce said at the RSA Conference in San Francisco this week.
“It’s not a huge problem. But each and every time you are paying a ransomware, you’re starting to feed that ecosystem,” he added. “That’s one area that I’m watching for next year.”
In some good news, Joyce said the recent sanctions on Russia over its invasion of Ukraine has made life harder for many ransomware gangs based in the country.
According to Joyce, the sanctions have disrupted the ability of Russian ransomware hackers to extract funds and pay for new IT infrastructure. He also went out of his way to push back on skeptics, who’ve been doubtful the sanctions have had any effect.
“People were asking, ‘We’re not sure if we’re seeing a dip in ransomware. How do you know this? Can you show me?’” Joyce said. “I would just say: How did we know? Really? We’re NSA. We heard them say they can’t get their money out. We heard them say that they can’t buy infrastructure.”
Joyce was quick to add: “Now that’s not going to last. They will, as all of us do...adapt and they’ll find new ways. And we’re seeing an uptick in some areas as they start to solve these problems.”
Still, the sanctions on Russia show the US can apply certain “levers” to impair ransomware actors. Joyce’s hope is that the US eventually develops creative solutions capable of hitting ransomware gangs across multiple avenues.
In the
Read more on pcmag.com
