The future of ransomware

The future of ransomware

Many businesses – and individuals – were affected by the various cyberattacks perpetrated in the past six months. Ransomware seems to have taken over the headlines this year, and it’s not going away anytime soon. Ransomware is most likely to be a topic that will remain highlighted in the years to come.

The business world is becoming more digitised. Data, systems, apps and networks can be crippled by a ransomware attack, which is catastrophic for any business or organisation when these vital systems become interrupted. But it’s not just business that suffers: in this year’s WannaCry attack, 70,000 devices in Britain’s National Health Services were affected with knock-on effects on emergency medical services.

Ransomware has climbed meteorically since it first emerged in the mid-2000s, but the aim has mostly remained the same: to extort money from victims. Important data and files are encrypted, leaving the hacker with the only means to access those files. The victim is then asked to pay a ransom – most often in Bitcoin – in order to receive a decryption key so that they can retrieve their files safely.

“In the beginning, many of the ransomware attacks were actually very convincing hoaxes. Other cyberattackers used screen locks so all the victim could see was the notification window. These days, the ransomware that’s out there not only locks information and data, but can also potentially delete encrypted files after a specified time period,” explains Anvee Alderton, Channel Manager at Trend Micro Southern Africa.

According to Trend Micro, there were 29 different ransomware families in 2015. Just a year later, 247 families emerged – that’s a 752% increase. The hackers have indeed profited from their attacks, raking in millions of dollars by attacking big businesses without data backups. In the first few months of 2017, ransomware attacks climbed a further 250%.

These attacks are on track to reach another milestone this year; as seen in another report, ransomware attacks rose 250% during the first few months of 2017, with many infections centred around the US.

“We at Trend Micro believe that the ransomware strategy used by hackers will evolve in the not too distant future. Given the amount of new ransomware we hear about regularly, there will be new ransomware samples that will emerge. The sad thing is that there are a lot more attacks focusing on the healthcare industry these days, because of the valuable patient data they have. These attacks on healthcare providers might increase too,” Alderton predicts.

This may sound as though we are heading towards a ransomware apocalypse, however the good news is that law enforcement is making strides towards catching up with cybercriminals. Various law enforcement organisations have begun to collaborate with other groups such as Cyber Threat and No More Ransomware in order to identify the sources of powerful ransomware, and prevent attacks.

The first port of call for diffusing cyberattacks remains in the hands of an organisations’ staff. Employees should be made aware of the risks of ransomware and understand how infection is delivered and to report any suspicious activity. Access to sensitive data must be limited and patches and backups need to be done regularly and consistently.

“Security solutions also need to incorporate a cross-generational technology approach. This means reputation-based analysis with other capabilities like white listing and application control, behavioural analysis, network monitoring, vulnerability shielding, and high-fidelity machine learning. This is the optimal way to protect your business or organisation,” Alderton says.

Browse our latest issue

Intelligent CISO

View Magazine Archive