Ransomware Future

Ransomware Future: Fasten Your Seat Belts 2018 Is Here

Ransomware Future

2017 was a breakout year for Ransomware, although a prominent feature and topic of discussion in IT sector it had managed to stay out of the public eye and common parlance. This all changed on May 12th, 2017 and the WannaCry attack where international companies were crippled by the malware.

Ransomware has since become a buzzword: a highly sophisticated, easily distributed malware that has the potential be the greatest technological threat of our times.

The issue at hand is three-fold: (1) Our greater use of technology has not corresponded with greater vigilance on it; (2) We are using more immersive internet based technologies in our private and business lives, and (3) Ransomware has never been so cheap nor accessible – even criminals with no technical expertise can utilize Ransomware as a Service (RaaS) or buy it cheaply on the internet.

These core issues were poignant in 2017 they will be even more so in 2018 and beyond.

The Rise of RaaS

Ransomware statistics released by Sophos for the year 2017 shows that almost 90% of all ransomware circulated is either Cerber and WannaCry. Although WannaCry was big news in 2017, Cerber has been a constant menace since a year earlier. While other infamous strains like Petya, are expected to decline in circulation, Cerber has staying power and here’s why:

The creators of Cerber broke the mold and the standard model, by offering the malware to criminals in exchange for a percentage of each ransom. To stay ahead of the latest and greatest in security, their malware is constantly refined and updated posing new problems to anti-virus software in every strain. Let that sink in for a minute, one of the most circulated ransomware variants is in constant evolution – and it’s in the interest of the developers to make sure that this evolution is maintained. The commodifying of ransomware is something all business should be concerned about.

And to make matters worse Cerber is not the only ransomware strain based on a RaaS model – Satan and Philadelphia strains were prevalent in 2017 and are expected to grow into 2018.

Sophisticated hackers are not only focused on beating anti-virus scans and email filters, they are also considerate of UX, UI and customer flow to increase revenue. Spora offered up different payment options in a Ransomware Vaccine Menu where you (1) could get two free files decrypted on promotion, (2) have a selection of files decrypted, (3) have the ransomware removed OR (4) have all your files unencrypted – how convenient.

These details are indicative of a very well thought out and lucrative operation expect this kind of creative development around RaaS.

Mobile Attacks

Our ever-growing reliance on connectivity and our digital devices is at the heart of the ransomware threat. The proliferation of smartphones and our use for them to hold increasingly sensitive and private information means that they are an open target for cybercriminals.

Mobile ransomware is much like the standard computer version, there are two core types Locky (which freezes your screen) and Crypto (which encrypts your data). Although the ransomware variants are different and they don't tend to cross over onto mobile devices, these restriction methods prevail.

With lower security and poorer internet hygiene conducted on mobile, almost everyone in the world becomes a mark, as such Mobile Ransomware attacks grew 250% in 2017. And it’s not just hackers you need to watch out for: 800 apps on Google Play were found containing Xavir malware and there were many more infected with nefarious things, including spyware, banking bots and aggressive AdWare like Judy, which could have infected up to 35 million Android users globally.

The prevalence of BYOD workplaces has not gone unnoticed by would-be hackers. There is no easier way to infect a business network than having an unknowing employee bring it in through the front door. With smartphone use and BYOD workplaces on the rise, you can expect Mobile Ransoms to follow suit.

Immersive Technology and IOT

We’re creeping into a world where virtually everything in our living room and most things out of it could be internet connected. We are on the cusp of IOT and the smartification of everything infiltrating our daily lives. Smart TVs, Smartphones, Smartwatches, Smartfridge and Smartovens all leave us open to vulnerabilities.

The smartification of household goods means that there will be literally 10s of billions of devices open to attack in the coming decade.

This proliferation raises an interesting question about whose responsibility it is to make sure they are updated and secure? Typically, this technology is expected to last 10 – 15 years, much longer than our general use technology. Is the onus on the owner to make sure the devices are secured and updated? Or should the manufacturer be responsible for updates for the duration of its lifespan which can last decades? Whatever the conclusions are, it’s important we are informed about the security of smart household devices.

Security on Smart Household equipment needs to be raised today, but don’t let hackable smart cars and factory production lines slip your thoughts. 10 years ago, they may have seemed far-fetched, gradually these ideas are becoming very real.

The Future Sounds Scary

Yes, yes it does. And we have some further bad news – there is no way to protect yourself fully. The adaptability of ransomware distribution means you can become infected from anywhere: email attachments, drive-by downloads, connecting to an infected network to name a few.

The only way to deal with it is to have a comprehensive multi-pronged approach, like one outlined in a previous Cloud Tweaks article here.

Educate: If you run a business, it’s your obligation to educate your employees properly. And this does not mean a one-off workshop, but a continually reinforce strategy that updates everyone about the latest threats.

Your employees are your most vulnerable parties and those most likely to cause infection, but they are also your first line of defense.

Secure: Promote a proactive approach to cybersecurity utilizing licensed, reputable anti-virus solutions and rigorous spam-filtering. This paired with super simple internet and browsing hygiene will help mitigate infection. Of course, remember to update and scan regularly – hackers are constantly updating – so should your protections.

Backups: The only safety net that's guaranteed to work. Ransomware is only effective if regular backups are not kept. Avoid critical data loss, downtime and of course having to pay a ransom.

By Sean Allan,

Sean is a Digital Marketing Manager at Aware Group, a Technology company witnessing the continued rise of Ransomware across industries.

Cloud Syndicate

The 'Cloud Syndicate' is a mix of short term guest contributors, curated resources and syndication partners covering a variety of interesting technology related topics.

Contact us for syndication details on how to connect your technology article or news feed to our syndication network.

A Closer Look at the Hidden Costs of Collaboration Solutions

A Closer Look at the Hidden Costs of Collaboration Solutions

The Hidden Costs of Collaboration Solutions Collaboration technology is key to efficient communication and productivity for a dispersed and global workforce. And with the enterprise collaboration market estimated to grow from $26.68 billion in 2016 ...
CloudTweaks Q&A: How Smart Will Your City Be by 2025?

CloudTweaks Q&A: How Smart Will Your City Be by 2025?

How Smart Will Your City Be by 2025? What role does back end infrastructure play in connecting IoT devices? Probably the same infrastructure as we would want to see with an efficient regular (i.e. non-IoT) ...
Journey Science In Telecom: Take Customer Experience To The Next Level

Journey Science In Telecom: Take Customer Experience To The Next Level

Journey Science In Telecom Journey Science, being derived from connected data from different customer activities, has become pivotal for the telecommunications industry, providing the means to drastically improve the customer experience and retention. It has ...
As Enterprises Execute Their Digital Strategies, New Multi-cloud Landscape Emerge

As Enterprises Execute Their Digital Strategies, New Multi-cloud Landscape Emerge

The Multi-cloud Landscape The digital universe is expanding rapidly, and cloud computing is building the foundation for almost infinite use cases and applications. Hence, it’s not surprising that of the Fortune 50 enterprises, 48 have ...
blcokchain contributor

Cryptographic Key Generation – It’s Time To Pay Attention

Cryptographic Key Generation When we think about cryptographic keys, we tend to think about closely guarded secrets. Keys are the only thing that keeps the attacker away from your encrypted data. Some keys are usually treated ...

CLOUDBUZZ NEWS

Oracle Enables Smart Manufacturing with New Artificial Intelligence Cloud Applications

Oracle Enables Smart Manufacturing with New Artificial Intelligence Cloud Applications

Intelligent applications help improve overall business performance in manufacturing by driving smarter decisions, increasing yields and enhancing production efficiency Oracle today announced new artificial intelligence (AI) cloud applications that enable manufacturing organizations to reduce costs ...
Oracle Blockchain Cloud Service and Financial Services Enable Next-Gen Blockchain Innovators

Oracle Blockchain Cloud Service and Financial Services Enable Next-Gen Blockchain Innovators

Students Tackle Real Problems and Succeed in Blockchain Challenge In an effort to accelerate blockchain innovation in Financial Services and other industries, Oracle recently joined academia and banking industry leaders as part of the Carolina Fintech ...
Facebook suspends 200 apps over data misuse investigation

Facebook suspends 200 apps over data misuse investigation

(Reuters) - Facebook Inc has so far suspended around 200 apps in the first stage of its review into apps that had access to large quantities of user data, in a response to a scandal ...
The Lighter Side Of The Cloud - Direct Reporting
The Lighter Side Of The Cloud - Car Troubles
The Lighter Of The Cloud - Virtual Lunch Break
The Lighter Side Of The Cloud - Really Smart Machines
The Lighter Side Of The Cloud - The Dating Game
The Lighter Side Of The Cloud - YTF
CloudTweaks Comic
The Lighter Side Of The Cloud - Machine Learning
The Lighter Side Of The Cloud - The Money Grab