Fraud Management & Cybercrime , Ransomware , Video

Why Ransomware Gangs Opt for Encryption-Less Attacks

Zscaler Global CISO Deepen Desai on Shifting Attacker Tactics
Deepen Desai, global CISO and head of security research, Zscaler

In encryption-less attacks, ransomware gangs steal large volumes of sensitive data, including terabytes of information, without locking up systems. Attackers leverage the value of the stolen data as a means to coerce organizations into paying ransoms to avert data release.

See Also: Is Cyberstorage the New Paradigm for Data Security?

Attackers have shifted their strategies in the face of increased law enforcement attention and the desire to encourage ransom payments. This strategy to minimize business disruption helps keep the victim's business functional while pressuring them to pay the ransom discreetly, said Deepen Desai, global CISO and head of security research at Zscaler.

"There is increased government, law enforcement and regional crackdown happening against these ransomware operators," Desai said. "They also want to increase the chance of a victim paying ransom because in many of the cases - and this is not in large numbers - the victim will not even report it. They will pay it off and keep it under the wrap. It's a win-win situation if you think about it from their perspective."

In this video interview with Information Security Media Group at Black Hat USA 2023, Desai also discussed:

  • The evolution of attacker behavior and programming languages;
  • The growing trend of double-extortion attacks;
  • The importance of comprehensive defense strategies - such as inline sandboxing, TLS inspection and zero trust architecture - to counter evolving attack types.

Desai is responsible for running global security research operations as well as working with the product group to secure the Zscaler platform and service. He has been actively involved in the field of cybersecurity for the past 19 years. Prior to joining Zscaler, he held security leadership roles at Dell SonicWALL.

About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.