Recent reports show that ransomware models are adapting and evolving in the enterprise economy. New strains are popping up continually, and they are becoming more profit-oriented. As more and more business owners pay the ransom rather than lose access to their data, the industry is adapting and finding new ways to extort money. Read our take on ransomware evolution in the next year below, and learn how to prevent ransomware from affecting your business.
Ransomware was the most pervasive threat of 2016, according to FBI reports. On average, 4,000 ransomware attacks occurred per day in 2016, according to an FBI report from June 2016. The reason it’s so prevalent is that it works.
A recent IBM X-Force study shows that 70% of businesses infected with ransomware paid to get access to their data. The same source states that one in two business executives surveyed have experienced ransomware attacks in the workplace. One in two executives say they paid over $10,000 to get their data back, and 20 percent paid over $40,000. With ransomware being so profitable, there is no doubt it will continue to be a threat in 2017, according to a report from security firm Malwarebytes.
They Go Big: Medium-Sized Businesses Are Targeted
The IBM study also showed how ransomware cybercriminals are starting to aim for the big fish. Only 29% of small businesses surveyed have experienced ransomware attacks, compared to 57% of medium-sized businesses. According to IBM, end users will also fork over Bitcoin to get their data back, but not as much as businesses. Fifty percent of end users said they paid money when hit with ransomware. That’s not to say end users are not a target, but it looks like cybercriminals are becoming more savvy in terms of marketing.
The study showed the ransom goes up to $500 or more, depending on the victim and the time they wait before paying.
Ransomware Evolution Maximizes Profit
New ransomware strains are emerging by the thousands each day. There are so many that it’s hard for security experts to keep up with removal methods. Ransomware models are also adapting to the market and becoming more income-oriented. In December last year, security firm CyberX showed that KillDisk, a type of ransomware that deleted data off a victim’s computer, now encrypts it instead. Creators figured out there’s no money if the data is gone!
So instead of removing information permanently, cybercriminals now leave the victim a glimmer of hope. This, in turn, increases the chances that they can get the ransom amount in Bitcoin. This new adaptation shows that the models are designed specifically to maximize profit.
Social Engineering Scams Introduce Malware
We know that some social engineering scams are being used to gain access to important data in companies. But the tactics are becoming more aggressive and sophisticated by the minute. In the UK, the “ActionFraud” Center has issued an alert to educational institutions. It warned that cybercriminals are cold-calling British schools and tricking staffers into installing ransomware on the school’s computers.
Another warning comes from The Independent, which reports that an incredibly clever phishing tactic is rampant. Cybercriminals are sending PDF attachments that open up as Google-like pages in the browser window to anyone who is unlucky enough to click on the message. The design of the page looks stunningly like the real thing.
More than ever, it is vital to have educated and risk-averse employees.
Ransomware Will Scale Like Never Before
Aside from targeting larger companies for more money, ransomware will also get more sophisticated, according to a report by Fortinet. The report compiles a number of security risks and trends for 2017 and shows that attacks are going to scale exponentially in 2017. And the way to do that, of course, is automation.
“Automated attacks introduce an economy of scale to ransomware that will allow hackers to cost-effectively extort small amounts of money from large numbers of victims simultaneously, especially by targeting online IoT devices,” the report states.
Cloud Technology and IoT
Ransomware will also adapt to market trends and start to target cloud technology and Internet of Things devices, according to security experts from McAfee. It is a natural evolution: more and more IT specialists are trusting their data to the cloud and installing IoT devices in a business setting.
“Increasing amounts of sensitive data and business-critical processes are shifting to public and hybrid clouds. Attackers will adapt to this shift, continuing to look for the easiest ways to monetize their efforts or achieve their objectives,” the McAfee report states. Attackers, including for-hire attackers, will use clouds for scale, speed, and anonymity. The most common type of attack in the cloud will be the “Denial of service for ransom”, according to McAfee.
Wrap-up: Backups Are Still Your Safest Bet
All reports show that its continued evolution will make ransomware an even bigger threat than the year before. In this environment, managed service providers remain the main warriors on the frontline of the ransomware wars. The only way to defeat the scourge is to be armed with a fail-safe backup system that will allow quick recovery of mission-critical data.
So don’t be the next ransomware victim – keep a backup (or two, or three, preferably off-site). No one is too small to be a target.