Ransomware prevention research advances

Print Friendly, PDF & Email

There’s an abundance of research into how ransomware is constructed but efforts to eliminate ransomware altogether are at best nascent. The most recent example of such an effort comes from researchers at Cardiff University that in collaboration with Airbus are exploring how to apply machine learning algorithms to detect and shut down a ransomware attack in a matter of seconds.

The Vikrant Institute of Technology in India also published a paper outlining how machine learning algorithms might be applied to combat ransomware as far back as 2020. Another example of research in this area comes from the National Research Foundation of Korea, which has published a paper that explains how behavior analytics and processing monitoring might be used to thwart ransomware attacks targeting Android devices.

There is, of course, no shortage of tools for combatting ransomware but many are designed to help clean up a ransomware attack after the damage has been done. Given the economic devastation caused by ransomware attacks, the need for a method of preventing ransomware attacks from being launched in the first place is evident to all.

Ransomware gangs are now laying siege to entire countries. The government of Costa Rica is locked in a struggle with Conti, a ransomware gang with ties to Russia that is demanding $20 million to desist. The U.S. government has already offered up to $15 million for any information leading to the arrest of members of the gang. Of course, Conti is only one of many perpetrators being tracked. The U.S. government has also alleged that Moises Luis Zagala Gonzalez, 55, who resides in Ciudad Bolivar, Venezuela, is a cardiologist who in his spare time develops ransomware tools such as Jigsaw that he sells under the monikers of “Nosophoros,” “Aesculapius” and “Nebuchadnezzar.”

It’s apparent that the amount of effort to launch ransomware attacks has become trivial. Underground ransomware-as-a-service markets from which attacks can be easily launched are plentiful. The resources required to track down and arrest all the perpetrators of ransomware attacks simply don’t exist. In the meantime, ransomware attacks are becoming more difficult to thwart simply because the overall size of the attack surface that needs to be defended keeps expanding. Backup and recovery of pristine copies of data is still the most effective defense against these attacks. The issue is that even when that’s possible there is always going to be some level of disruption.

There may come a day when AI advances to the point where ransomware attacks become are longer possible. With all the great computer science minds working on the issue, it’s hard to understand why the issue continues to persist but the truth is no one imagined encryption techniques would be used by malicious actors to wreak this much havoc. Hopefully, if, and when, ransomware attacks are prevented from ever happening there won’t be some other technique that perverts a tool created for the good of all into the digital equivalent of a weapon of mass destruction.

Barracuda ransomware protection as easy as 1-2-3

Scroll to top