2017 was a breakout year for ransomware. Although a prominent topic of discussion in the IT sector, it had managed to stay out of the public eye and common parlance. This all changed on May 12th, 2017 with the WannaCry attack, in which international companies were crippled by the malware.
Ransomware has since become a buzzword: a highly sophisticated, easily distributed malware that has the potential to be the greatest technological threat of our times.
The issue at hand is three-fold: (1) our greater use of technology has not been matched by greater vigilance; (2) we are using more immersive internet-based technologies in our private and business lives; and (3) ransomware has never been so cheap or accessible – even criminals with no technical expertise can utilize Ransomware as a Service (RaaS) or buy it cheaply on the internet.
These core issues were poignant in 2017, and they will be even more so in 2018 and beyond.
The Rise of RaaS
Ransomware statistics released by Sophos for the year 2017 show that almost 90% of all ransomware circulated is either Cerber or WannaCry. Although WannaCry was big news in 2017, Cerber has been a constant menace since a year earlier. While other infamous strains like Petya are expected to decline in circulation, Cerber has staying power, and here’s why:
The creators of Cerber broke the mold and the standard model by offering the malware to criminals in exchange for a percentage of each ransom. To stay ahead of the latest and greatest in security, their malware is constantly refined and updated, posing new problems to anti-virus software with every strain. Let that sink in for a minute: one of the most circulated ransomware variants is in constant evolution – and it’s in the interest of the developers to make sure that this evolution is maintained. The commodification of ransomware is something all businesses should be concerned about.
And to make matters worse, Cerber is not the only ransomware strain based on a RaaS model – the Satan and Philadelphia strains were prevalent in 2017 and are expected to grow into 2018.
Sophisticated hackers are not only focused on beating anti-virus scans and email filters; they also pay attention to UX, UI and customer flow to increase revenue. Spora offered up different payment options in a Ransomware Vaccine Menu where you could (1) get two free files decrypted on promotion, (2) have a selection of files decrypted, (3) have the ransomware removed or (4) have all your files decrypted – how convenient.
These details are indicative of a very well thought out and lucrative operation. Expect this kind of creative development around RaaS.
Our ever-growing reliance on connectivity and our digital devices is at the heart of the ransomware threat. The proliferation of smartphones and our use of them to hold increasingly sensitive and private information means that they are an open target for cybercriminals.
Mobile ransomware is much like the standard computer version: there are two core types, Locky (which freezes your screen) and Crypto (which encrypts your data). Although the ransomware variants are different and don’t tend to cross over onto mobile devices, these restriction methods prevail.
With lower security and poorer internet hygiene on mobile, almost everyone in the world becomes a mark; as such, mobile ransomware attacks grew 250% in 2017. And it’s not just hackers you need to watch out for: 800 apps on Google Play were found containing Xavier malware, and there were many more infected with nefarious things, including spyware, banking bots and aggressive adware like Judy, which could have infected up to 35 million Android users globally.
The prevalence of BYOD workplaces has not gone unnoticed by would-be hackers. There is no easier way to infect a business network than having an unknowing employee bring the malware in through the front door. With smartphone use and BYOD workplaces on the rise, you can expect mobile ransoms to follow suit.
Immersive Technology and IoT
We’re creeping into a world where virtually everything in our living room, and most things outside it, could be internet connected. We are on the cusp of IoT and the smartification of everything infiltrating our daily lives. Smart TVs, smartphones, smartwatches, smart fridges and smart ovens all leave us open to vulnerabilities.
The smartification of household goods means that there will be literally tens of billions of devices open to attack in the coming decade.
This proliferation raises an interesting question: whose responsibility is it to make sure these devices are updated and secure? Typically, this technology is expected to last 10 – 15 years, much longer than our general use technology. Is the onus on the owner to make sure the devices are secured and updated? Or should the manufacturer be responsible for updates for the duration of the device’s lifespan, which can last decades? Whatever the conclusions are, it’s important we are informed about the security of smart household devices.
The security of smart household equipment needs to be raised today, but don’t let hackable smart cars and factory production lines slip your thoughts. 10 years ago, they may have seemed far-fetched, but gradually these ideas are becoming very real.
The Future Sounds Scary
Yes, yes it does. And we have some further bad news – there is no way to protect yourself fully. The adaptability of ransomware distribution means you can become infected from anywhere: email attachments, drive-by downloads and connecting to an infected network, to name a few.
The only way to deal with it is to have a comprehensive multi-pronged approach, like the one outlined in a previous Cloud Tweaks article.
Educate: If you run a business, it’s your obligation to educate your employees properly. And this does not mean a one-off workshop, but a continually reinforced strategy that updates everyone about the latest threats.
Your employees are your most vulnerable parties and those most likely to cause infection, but they are also your first line of defense.
Secure: Promote a proactive approach to cybersecurity utilizing licensed, reputable anti-virus solutions and rigorous spam-filtering. This, paired with super simple internet and browsing hygiene, will help mitigate infection. Of course, remember to update and scan regularly – hackers are constantly updating, and so should your protections.
Backups: The only safety net that’s guaranteed to work. Ransomware is only effective if regular backups are not kept. Avoid critical data loss, downtime and, of course, having to pay a ransom.
By Sean Allan,
Sean is a Digital Marketing Manager at Aware Group, a Technology company witnessing the continued rise of Ransomware across industries.