"It's not the big, sexy security topic that it once was, but there's some really interesting evolution in their tactics," he says. "For example, there are three campaigns that since January are just skyrocketing; they're super popular."
Specifically, he mentions Data Keeper, Satan and Gandcrab ransomware.
Data Keeper, for example, allows users to sign up for free and customize their malware. Then the site generates it for free, giving users a referral fee for every time their ransomware successfully compromises a victim.
The ransomware-as-a-service offering makes it "point-and-click easy for people to generate new ransomware," Lyne says, And it's just one example of a number of sites that are "bringing a whole load of new types of criminals ... to fraud that weren't there before, which I think is really, really scary."
In other words, organizations shouldn't take their eyes off the ransomware problem. "It's still a huge problem ... and the cybercriminals are very much still innovating here," he says.
In a video interview at the recent Infosecurity Europe conference in London, Lyne discusses:
- Ransomware trends;
- New criminal business models;
- Why artificial intelligence and machine learning will be transformative for large parts of the security industry and potentially also for criminals.
Lyne is a global research adviser at Sophos, head of research and development and creator of CyberStart at SANS Institute, and the founder and director of security research firm Helical Levity. He has worked with many organizations on security strategy, handled a number of severe incidents and is a frequent industry adviser. He is a certified instructor at the SANS institute and often presents at industry conferences.