In recent times, our attention has been drawn to ransomware attacks targeting both public and private entities. However, a new concern has emerged: ransomware testing. According to a report from cybersecurity firm ‘Performanta’, hackers are conducting ransomware tests in developing regions such as Africa, Asia, and South America before setting their sights on Western countries.
These testing grounds include countries like India, Pakistan, Sri Lanka, Maldives, Singapore, Chile, and Malaysia. An alarming example is the recent attack on a Senegalese bank in Chile. This sophisticated malware not only disrupted services temporarily but also wiped financial data from a tax firm in Colombia, a government agency in Argentina, and servers of a data analytics firm in Cape Town.
Developing countries are prime targets for such tests due to their rapid digitalization and relatively weaker security infrastructure. Moreover, emerging malware groups like LockBit and BlackCat, also known as ALPHV, are using these regions as testing grounds. Once they successfully infiltrate companies in places like Tonga, Senegal, and South Africa, they expand their operations to Western targets.
One notable group, Medusa, has successfully breached numerous Western companies after establishing a foothold in developing regions. In 2023 alone, they executed 99 breaches in the US, Canada, Italy, and France. Furthermore, groups like Medusa are not only carrying out attacks but also selling their techniques to other malicious actors, escalating the threat landscape.
As for solutions, the battle against ransomware seems unending. However, there is growing apprehension among threat actors about potential covert operations by law enforcement agencies like the FBI and Europol. The fear of being apprehended and losing their illicit gains may serve as a deterrent, albeit a limited one, against ransomware activities.
