You speak English? Ransomware study reveals commonly desired targets and need for talent recruitment




The threat of ransomware, as presented by statistics showing the frequency of these attacks, is already upon us.


However, a new study developed by a cybersecurity firm named KELA suggests that victims can get an advantage by understanding how ransomware operators usually work.


Advances like the use of Bitcoin and cryptocurrencies, along with the rise of ransomware-as-a-service, has made this kind of attack almost absurdly easy to pull off. With that in mind, hackers are looking at refining their target audiences – no pun intended.


The KELA study, as reported at ZDNet, points out several criteria for targets commonly considered to be better for ransomware attacks. Hackers, ZDNet writer Charlie Osborne suggests, are trying to find companies with over $100 million in revenue, and hackers tend to discard companies in healthcare and education, assumedly because these types of businesses have already battened down the hatches to a greater extent.


Another criteria is companies and networks in the developed world. Targets in places like Russia and developing countries, Osborne says, are not as desirable because the payouts aren’t as good.


With that in mind, hackers are trying to get around the language barrier.


“Because so many cybercriminal groups operate from foreign countries, chatroom negotiations make heavy use of Google Translate,” write Brian Fung and Claire Sebastian for CNN Business. “Terse, one-word or one-sentence messages from the hackers in broken English are the norm. Despite the language barrier, many bargaining encounters are wrapped up within 10 to 15 exchanges.”


Osborne’s story talks about hackers trying to hire people who can speak good English and write clean and compelling English copy as part of the path toward the negotiating table.


“RaaS operators are attempting to better monetize the stage of an attack when a victim will contact ransomware operators to negotiate a payment, but as language barriers can cause miscommunication, ransomware groups are trying to secure new team members able to manage conversational English.”


All of this suggest that companies that pay attention to how hackers work can better defend against a ubiquitous type of attack that has really proliferated in recent years. Cybersecurity also has its profound impact on technology markets, so think about this if you have related holdings in your portfolio. New cybersecurity advances could move markets!