Ransomware Future: Fasten Your Seat Belts 2018 Is Here

Ransomware Future

2017 was a breakout year for Ransomware, although a prominent feature and topic of discussion in IT sector it had managed to stay out of the public eye and common parlance. This all changed on May 12th, 2017 and the WannaCry attack where international companies were crippled by the malware.

Ransomware has since become a buzzword: a highly sophisticated, easily distributed malware that has the potential be the greatest technological threat of our times.

The issue at hand is three-fold: (1) Our greater use of technology has not corresponded with greater vigilance on it; (2) We are using more immersive internet based technologies in our private and business lives, and (3) Ransomware has never been so cheap nor accessible – even criminals with no technical expertise can utilize Ransomware as a Service (RaaS) or buy it cheaply on the internet.

These core issues were poignant in 2017 they will be even more so in 2018 and beyond.

The Rise of RaaS

Ransomware statistics released by Sophos for the year 2017 shows that almost 90% of all ransomware circulated is either Cerber and WannaCry. Although WannaCry was big news in 2017, Cerber has been a constant menace since a year earlier. While other infamous strains like Petya, are expected to decline in circulation, Cerber has staying power and here’s why:

The creators of Cerber broke the mold and the standard model, by offering the Malware to criminals in exchange for a percentage of each ransom. To stay ahead of the latest and greatest in security, their malware is constantly refined and updated posing new problems to anti-virus software in every strain. Let that sink in for a minute, one of the most circulated ransomware variants is in constant evolution – and it’s in the interest of the developers to make sure that this evolution is maintained. The commodifying of ransomware is something all business should be concerned about.

And to make matters worse Cerber is not the only ransomware strain based on a RaaS model – Satan and Philadelphia strains were prevalent in 2017 and are expected to grow into 2018.

Sophisticated hackers are not only focused on beating anti-virus scans and email filters, they are also considerate of UX, UI and customer flow to increase revenue. Spora offered up different payment options in a Ransomware Vaccine Menu where you (1) could get two free files decrypted on promotion, (2) have a selection of files decrypted, (3) have the ransomware removed OR (4) have all your files unencrypted – how convenient.

These details are indicative of a very well thought out and lucrative operation expect this kind of creative development around RaaS.

Mobile Attacks

Our ever-growing reliance on connectivity and our digital devices is at the heart of the ransomware threat. The proliferation of smartphones and our use for them to hold increasingly sensitive and private information means that they are an open target for cybercriminals.

 

Mobile ransomware is much like the standard computer version, there are two core types Locky (which freezes your screen) and Crypto (which encrypts your data). Although the ransomware variants are different and they don’t tend to cross over onto mobile devices, these restriction methods prevail.

With lower security and poorer internet hygiene conducted on mobile, almost everyone in the world becomes a mark, as such Mobile Ransomware attacks grew 250% in 2017. And it’s not just hackers you need to watch out for: 800 apps on Google Play were found containing Xavir malware and there were many more infected with nefarious things, including spyware, banking bots and aggressive AdWare like Judy, which could have infected up to 35 million Android users globally.

The prevalence of BYOD workplaces has not gone unnoticed by would-be hackers. There is no easier way to infect a business network than having an unknowing employee bring it in through the front door. With smartphone use and BYOD workplaces on the rise, you can expect Mobile Ransoms to follow suit.

Immersive Technology and IOT

We’re creeping into a world where virtually everything in our living room and most things out of it could be internet connected. We are on the cusp of IOT and the smartification of everything infiltrating our daily lives. Smart TVs, Smartphones, Smartwatches, Smartfridge and Smartovens all leave us open to Vulnerabilities.

The smartification of household goods means that there will be literally 10s of billions of devices open to attack in the coming decade.

This proliferation raises an interesting question about whose responsibility it is to make sure they are updated and secure? Typically, this technology is expected to last 10 – 15 years, much longer than our general use technology. Is the onus on the owner to make sure the devices are secured and updated? Or should the manufacturer be responsible for updates for the duration of its lifespan which can last decades? Whatever the conclusions are, it’s important we are informed about the security of smart household devices.

Security on Smart Household equipment needs to be raised today, but don’t let hackable smart cars and factory production lines slip your thoughts. 10 years ago, they may have seemed far-fetched, gradually these ideas are becoming very real.

The Future Sounds Scary

Yes, yes it does. And we have some further bad news – there is no way to protect yourself fully. The adaptability of ransomware distribution means you can become infected from anywhere: email attachments, drive-by downloads, connecting to an infected network to name a few.

The only way to deal with it is to have a comprehensive multi-pronged approach, like one outlined in a previous Cloud Tweaks article here.

Educate: If you run a business, it’s your obligation to educate your employees properly. And this does not mean a one-off workshop, but a continually reinforce strategy that updates everyone about the latest threats.

Your employees are your most vulnerable parties and those most likely to cause infection, but they are also your first line of defense.

Secure: Promote a proactive approach to cybersecurity utilizing licensed, reputable anti-virus solutions and rigorous spam-filtering. This paired with super simple internet and browsing hygiene will help mitigate infection. Of course, remember to update and scan regularly – hackers are constantly updating – so should your protections.

Backups: The only safety net that’s guaranteed to work. Ransomware is only effective if regular backups are not kept. Avoid critical data loss, downtime and of course having to pay a ransom.

By Sean Allan,

Sean is a Digital Marketing Manager at Aware Group, a Technology company witnessing the continued rise of Ransomware across industries.

Juan Pablo Perez Etchegoyen

The S/4 HANA Decade is Here: Three Tips for a Successful Migration

Three Migration Tips For organizations using SAP, migrating to S/4 HANA is a project that’s either in the works or on the horizon as the 2027 deadline for completion looms. The new generation of SAP ...
Tesla Twitter

The Tesla Story The World Is Ignoring

The Tesla Story The World Is Ignoring Bugatti is one of the most recognized names among luxury supercars. After the founder Ettore Bugatti died, the company nearly disappeared in 1952. Until Italian businessman Romano Artioli ...
Hacker Cloud

Pandemic and Cybersecurity: Top Threats to Businesses

Pandemic and Cybersecurity The worldwide spread of the COVID-19 virus is coming to naught (or at least we hope so). But the impact that this virus produced on the whole world, and specifically on businesses, ...
Shells.com – Your Personal Cloud Computer

Shells.com – Your Personal Cloud Computer

Personal Cloud Computer Shells, a robust virtual desktop infrastructure, ensures better performance by enabling its users to incorporate a layer of virtualization between the control server and any device that they choose. This way, it ...
Kash Shaikh

A Clairvoyant Look Back on 2021

In a lookback from the future, here is what happened in 2021 as reported on January 1, 2022. 2021 was the year that our world worked its way out of the 2020 pandemic and back ...

PROXY SERVICES

The CloudTweaks technology lists will include updated resources to leading services from around the globe. Examples include leading IT Monitoring Services, Bootcamps, VPNs, CDNs, Reseller Programs and much more...

  • Smartproxy

    Smartproxy

    Smartproxy is a rising star in the constantly growing proxy market. Smartproxy offers awarded customer service, impressive performance, and is serious about your anonymity (yes, cybersecurity matters). The latest features developed by Smartproxy are 30 minute long sticky sessions and Google Proxies. Rumor has it, the latter guarantee 100% success rate

  • Bright Data

    Bright Data

    Bright Data’s network is one of the most robust of its kind globally. Here are its stark advantages: Extremely stable connection for long sessions (99.99% uptime guaranteed). Free to integrate with our Proxy Manager which allows you to define custom rules for optimized results. Send unlimited concurrent requests increasing speed, cost-effectiveness, and overall efficiency.

  • Rsocks

    Rsocks

    RSocks team offers a huge amount of residential plans which were developed for plenty of tasks and, most importantly, has been proved to be quite efficient. Such variety has been created on purpose to let everyone choose a plan for a reasonable price, online, rotation and other parameters.

  • Storm Proxies

    Storm Proxies

    Storm Proxies' network is optimized for high performance and fast multi-threaded tools. You get unlimited bandwidth. No hidden costs, no limits on bandwidth. Try Storm Proxies 100% Risk Free. If you are not happy with the service email us within 24 hours of purchase and we will refund you.