Since its inception, ransomware has been one of the most constant methods of cyberattack in the world. And as we move forward into 2018, it’s going to remain as such – if not worse. Here’s why.
It’s one of the oldest types of cyberattack on the web. Hackers install a piece of software on their victims’ computer – either via a phishing link or a direct intrusion. From there, they simply lock the users away from their files and applications until a ransom is paid.
The core concept behind ransomware hasn’t changed much in the decades it’s been around – but ransomware itself has been evolving. And rather rapidly at that. 2017 saw some of the most devastating global ransomware attacks in history.
2018 has the potential to be worse for a few reasons.
More Focus On Doxxing and Theft Than LockingCriminals know that businesses and consumers alike very often keep extensive backups of their most critical data, especially with all the coverage ransomware has been receiving lately. And cyber-criminals know that. That’s why, in addition to developing ransomware that specifically targets backups, attackers are mixing things up in another way.
Specifically, some new brands of ransomware are designed for data exfiltration rather than to lock data down. If the victim fails to pay a ransom, the criminals may threaten to expose that data to the world – anything from private photos and documents to product blueprints. Even if the victim pays the ransom, the hackers might steal the data for their own ends anyway.
Ransomware-as-a-ServiceWith how much software as a service platform revolutionized the business world, it should come as no surprise that criminals eventually caught on to the trend and started using it for their own purposes. Ransomware is among the many criminal activities that are being automated via the cloud. And on the dark web, ransomware as a service has become a multimillion dollar industry.
That industry is largely behind the massive spike in ransomware attacks that we’ve seen over the past several years, and in 2018 it’s only going to get worse. Instead of writing their own code, criminals can simply deploy a paid-for platform that does everything they need it to. Some providers even provide tiered offerings and support lines to their customers – a frightening level of legitimacy for a criminal enterprise to possess.
New Delivery MethodsWith the advent of the Internet of Things, criminals have a larger threat surface to target than ever before. That combined with new, more novel delivery methods such as PDF embedding means there are more avenues by which a business or individual might suffer a ransomware infection than ever before. You need to be aware of these prospective threats, and you need to ensure you’re effectively air-gapping your IoT devices.