Post from TripWire
Ransomware is a problem on the rise, a simple threat with some very large business implications. Statistics show it has reached new levels of menace, and it’s growing at a remarkable rate: 6000% in 2016, an IBM study found, and a triple-digit increase into 2018.
Although a very real and present danger (as shown by some very high profile infections in 2017), the real question is how this threat is going to grow next year and beyond.
WHY IS RANSOMWARE SUCH A PROBLEM?
Ransomware fear is well-founded on a handful of core components:
- Ease of infection and distribution: Ransomware is a growing threat not only on laptops but also on mobile devices, which saw a 250% increase in infections, as well as smart devices. It has never been easier for criminals to distribute ransomware to so many devices, a trend that is set to continue and which will facilitate more attacks. The emergence of RaaS (Ransomware as a Service) platforms, combined with cheap outsourcing to hackers, means cybercriminals no longer need any technical skills to attack businesses all over the world.
- Everyone and every business is a mark: If you are connected to the internet, you are at risk, and any business or person is susceptible. What would an advertising agency pay to get their images back post infection? An accounting firm to get back their spreadsheets? Or a hosting firm to release their server? (Pay out over 1 million dollars, apparently?) No matter your business operation or service, you are a target. Ransomware can be deployed cheaply at scale through email, which is still its most common infection method.
- Our digital lifestyle is changing at a ferocious pace; greater connectivity directly relates to greater opportunity for would-be hackers: Bring Your Own Device (BYOD) workplaces are on the rise, an opportunity for smart hackers to place malware on your devices and allow you to spread it into your workplace and home. What a perfect backdoor entry for ransomware and other nasty viruses! As we move deeper into an IoT-based world, the pitfalls for businesses are almost unavoidable. One example is a hotelier in Austria who coughed up a hefty ransom when his hotel’s smart locks were infected, locking every room in his hotel.
- Our reliance on connectivity and our digital devices: Ultimately, this is the crux of ransomware’s threat: we hold sensitive or private information on our devices that we cannot afford to lose or don’t want to be released. Without proper back-ups and effective security measures in place, the risk of infection and success rates of ransomware will only continue to grow, thereby leaving us open to blackmail.
- Cryptocurrency as payment: Among all the hype of anonymous, decentralized crypto-payments, the reality is that the use of cryptocurrencies in commercial transactions is still in its infancy, and its most common commercial use is among criminals. Operations such as Silk Road and Alpha Bay,allegedly used BitCoin’s anonymity for illegal transactions in much the same way as ransomware infections do for payment.
WHAT DOES THE FUTURE HOLD?
1) Household to Ransom?
The smartification of everything and the proliferation of IoT into our culture means that everyone and everything will be a target around the clock. The smartification of general household goods, as well as watches and mobile devices, will mean that there will be literally 10s of billions of devices open to attack.
And don’t think the hackers won’t get creative. Smart fridges, holding $100s of dollars’ worth of food, could get switched off, and smart ovens making the Christmas turkey extra crispy are also on the menu.
The targeting of household appliances also raises an interesting question about who is responsible for keeping these products secure. We usually expect household goods like fridges, blenders, and cookers to last 5, 10, 15 years, unlike the rapid turnover of our commercial technology. Can we expect continued support for this length of time? Are we obligated to take care of our own patching and updates?
Answers to these questions will bear fruit in the coming years.
2) Transport Hacks
Probably the most worrying of all, smart cars are very much in the present, and their risks are well-documented. These vehicles are going to have to anticipate a whole spectrum of malicious attackers and hacks. The consensus is that we are just a few years away from autonomous trucks and cars, but there have already been instances of external actors taking control of vehicles.
Smart cars are as susceptible to hacks just like any internet connected device. How do you feel sharing the road with hackable cars?
3) Breaking Factory Lines
The rise of AI and automated/robotic workforce will cultivate additional opportunities that favor nefarious actors. Honda, NHS, and FedEx were among those infected in the WannaCry outbreak. Honda had to halt production on 1000 cars after their Japanese plant was infected. Companies like these may soon have fully automated, computerized workforces that could be infected with ransomware strains. These employees would need to pay a hefty sum to reinstate their production line.
5) Social Blackmail
We live in a world of social networks, social dating, and connected workplaces. In this connected world, we are striving for more privacy. The growing concern among private citizens is having personal videos, images, and even articles written about the released on to the web. Imagine a Google search of your name brought up some unfavorable content and the damage that could cause you.
The wider implication for ransomware is that the cost is not just in the ransom itself or even the repair costs but the reputation damage, the downtime, and the opportunity costs. Indirect costs of ransomware in 2017 are estimated to total out at around $5billion USD.
WHAT CAN YOU DO?
There is no way to completely protect yourself from this ransomware. If you are online, you are vulnerable and may at some point encounter it. Implementing a 3-pronged approach to tackling this issue head-on is the probably the optimal strategy:
- Educate: If you run a business, your employees are your most vulnerable parties and those most likely to cause infection. But they are also your first line of defense. Education on ransomware and other viruses is not just a one-off workshop; it’s a continually reviewed and reinforced strategy that seeks to update everyone on the latest threats.
- Secure: A proactive approach to ransomware and viruses at home or at the work place. This is just super simple internet hygiene – make sure all your software is licensed, official, and updated with the latest available patches. Utilize a reputable antivirus solution, and make sure to run updates and scan regularly. Remember: email will be the most common gateway for infection, so it would be desirable to implement thorough spam filtering and if possible black-listing access to unsafe websites.
- Backups: The only safety net that’s guaranteed to work. Regular, detailed backups of your important files will ensure that hackers won’t be able to damage you or your business. Ransomware is only effective if regular backups are not kept. Avoid critical data loss, downtime, and of course having to pay a ransom.