Ransomware made headlines in 2016, but is expected to be a larger issue in 2017.
Editor’s Note: With 2017 now upon us, RCR Wireless News has gathered predictions from across the mobile telecommunications space on what they expect to see in the new year.
In 2014, ransomware was a plot device in the TV show “The Good Wife.” Today, ransomware is a nightmare that most businesses have faced at least once. In fact, in the last year alone, ransomware attacks quadrupled and 40% of businesses experienced a ransomware attack, leading to millions of dollars being paid out in an attempt to rescue kidnapped data during the first quarter. Already by the halfway point of 2016, such attacks increased five times over the same time the previous year. And, to add insult to injury, more than one-third of all companies who have fallen victim to ransomware attacks have lost revenue and credibility as a result of the attacks.
Unsurprisingly, networking, security and IT professionals have elevated this concern to the top of their priority list, with more than half indicating as much in a recent survey. What can IT professionals expect from ransomware in 2017? Here are a few of the most likely developments:
Targeted ransomware attacks will increase
Rather than targeting specific people like celebrities, business servers will be targeted via ransomware attacks. This will multiply the number of potential infected servers and devices on a given network, making the attack much more devastating.
Attacks will demand more than just a dollar figure
Previously, ransomware only asked for a certain sum of money. Now, it will ask for an action – like sharing an infected file with co-workers. In 2017, we expect to see more campaigns like “infect your friend,” where people are asked to infect someone else’s device without paying the money.
Attack delivery will become more sophisticated
New ransomware families announced themselves in 2016, and there will probably be more of them in 2017, as well as development kits, which allow actors to develop their own customized ransomware. 2016 brought us the end of Angler kits, however, new ones like Magnitude, Neutrino and RIG are still haunting enterprises. For 2017, the continued increase in Google Chrome usage and the expected trending decline of Flash, as well as the efforts of browser vendors to add new security mechanisms, will dramatically affect the client-side exploit kit market. Attackers will have to search for other engines for vulnerabilities (for example, HTML5 might become a new target).
New attack surfaces will be discovered
Hacks such as the one by “Shadow Brokers” underscore the reality that even firewalls, routers, and other physical appliances are vulnerable.
IoT devices will become a DDoSer’s best friend
At the end of 2016, the world witnessed significant attacks via the “internet of things,” including both the attack on DynDNS and the attack on Brian Krebs website. Both instances revealed exactly how weak IoT security currently is and how vulnerable devices could be easily compromised by “default password” attacks or via software vulnerabilities.
A problem is that IoT vendors do not ordinarily release patches. As a result, hackers are able to enslave millions of compromised devices to create a zombie botnet army. In 2017, these DDoS capabilities may be utilized with ransom attacks on companies. There will be discussions around governing the IoT world in terms or regulations that will apply to and impact the whole IoT industry. Such regulations may hamper IoT innovation in this industry.
However, not all ransomware developments in 2017 will be bad. As ransomware continues to evolve in 2017, projects like “no-more-ransom” will continue to gain traction to fight ransomware and provide decryption tools for innocent users.