    Ransomware Gangs Evolve: They’re Now Recruiting Penetration Testers

    A new and concerning cybersecurity trend has emerged. According to the latest Q3 2024 Cato CTRL SASE Threat Report from Cato Networks, ransomware gangs are now actively recruiting penetration testers to enhance the effectiveness of their attacks. 

    This development signals a significant shift in the tactics employed by cybercriminals and underscores the need for organizations to remain vigilant in their defense strategies.

    Traditionally, penetration testers, or “pen testers,” have been employed by organizations to identify vulnerabilities in their systems. However, the report reveals that threat actors are now seeking these skilled professionals to join ransomware affiliate programs such as Apos, Lynx, and Rabbit Hole. This move mirrors legitimate software development practices, where testing is crucial before deployment.

    Etay Maor, chief security strategist at Cato Networks, explains, “Ransomware is one of the most pervasive threats in the cybersecurity landscape. It impacts everyone—businesses and consumers—and threat actors are constantly trying to find new ways to make their ransomware attacks more effective.”

    The report also highlights the growing concern of “shadow AI” – the unauthorized use of AI applications within organizations. This practice poses significant risks, particularly regarding data privacy. Cato CTRL identified ten AI applications being used without proper vetting, including Bodygram, Craiyon, and Otter.ai. Organizations must be aware of the potential exposure of sensitive information through these unsanctioned AI tools.

    Another critical finding from the report is the underutilization of TLS (Transport Layer Security) inspection. Only 45% of participating organizations enable TLS inspection, and a mere 3% inspect all relevant TLS-encrypted sessions. This gap in security leaves organizations vulnerable to attacks hidden within encrypted traffic.

    The report found that 60% of attempts to exploit known vulnerabilities were blocked in TLS traffic during Q3 2024. Moreover, organizations that enabled TLS inspection blocked 52% more malicious traffic compared to those without it.

    As ransomware gangs continue to evolve their tactics, it’s clear that organizations must adapt their cybersecurity strategies accordingly. The recruitment of penetration testers by threat actors represents a significant escalation in the sophistication of ransomware attacks.

    To stay ahead of these threats, businesses should:

    1. Implement comprehensive TLS inspection protocols
    2. Be vigilant about shadow AI usage within their organization
    3. Regularly update and test their cybersecurity measures
    4. Invest in employee training to recognize and report potential threats

    By staying informed and proactive, organizations can better protect themselves against the ever-evolving landscape of cyber threats.


    Free Ransomware Simulator Tool

    Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

    KnowBe4’s “RanSim” gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 24 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

    Here’s how it works:

    • 100% harmless simulation of real ransomware and cryptomining infections
    • Does not use any of your own files
    • Tests 25 types of infection scenarios
    • Just download the installer and run it
    • Results in a few minutes!

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/ransomware-simulator-tool-partner?partnerid=001a000001lWEoJAAW
