Ransom Worm: The Next Level Of Cybersecurity

Uploaded on 2017-01-10 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

As if holding your data hostage and seeking cash payment weren’t harsh enough, security experts foresee the next stage of ransomware to be even worse.

Scott Millis, CTO at mobile security company Cyber adAPT, expects ransomware to spin out of control in the year ahead. That is an astounding statement when you consider that there were more than 4,000 ransomware attacks daily in 2016, according to Symantec’s Security Response Group.

Corey Nachreiner, CTO at WatchGuard Technologies, predicts that 2017 will see the first ever ransom-worm, causing ransomware to spread even faster.

Crypto-ransomware is a type of ransomware that encrypts your files and holds them captive until ransom demands are met. 

According to the FBI, cyber criminals used ransomware to steal over $209 million from US businesses alone, just in the first quarter of 2016. Furthermore, a recent ransomware report from Trend Micro shows 172 percent more ransomware in the first half of 2016 than all of 2015. 

“In short, bad guys realize ransomware makes money, and you can expect them to double down in 2017,” Nachreiner says.

To make matters worse, Nachreiner expects cybercriminals will mix ransomware with a network worm. Years ago, network worms like CodeRed, SQL Slammer, and more recently, Conficker were pretty common. Hackers exploited network vulnerabilities and tricks to make malware automatically spread itself over networks.

“Now, imagine ransomware attached to a network worm. After infecting one victim, it would tirelessly copy itself to every computer on your local network it could reach,” he says. “Whether or not you want to imagine such a scenario, I guarantee that cyber criminals are already thinking about it.”

Nir Polak, Co-Founder & CEO of Exabeam, a provider of user and entity behavior analytics, agrees that ransomware will move from a one-time issue to a network infiltration problem like Nachreiner describes. “Ransomware is already big business for hackers, but ransom-worms guarantee repeat business. They encrypt your files until you pay, and worse, they leave behind presents to make sure their troublesome ways live on,” says Polak.

Earlier this year, Microsoft warned of a ransom-worm called ZCryptor that propagated onto removable drives. By placing a code on every USB drive, employees bring more than just their presentations to a sales meeting; they’re carrying a ransom-worm, not the greatest impression you want to give a prospect.

Alex Vaystikh, cybersecurity veteran and co-founder/CTO of advanced threat detection software provider SecBI, thinks along those same lines. He says ransomware will become smarter and merge with information-stealing malware, which will first steal information and then selectively encrypt, either on-demand or when other goals have been achieved or found to be unachievable. Although ransomware is an extremely fast way to get paid as a fraudster/hacker, if you are also able to first steal some information before you encrypt the device, you can essentially hack it twice. 

Lucas Moody, CISO at Palo Alto Networks, says ransomware isn’t going away. Ever wonder what economic driver has led to the explosion of Bitcoin ATMs into affluent neighborhoods in the US.? His hunch is it is correlated with the number of ransomware infections affecting small businesses. 

Ransomware in 2016 has been a significant problem, and current trends suggest that this problem will not slow-down in 2017. Business resilience and recovery capabilities are the best defense to avoid frequent trips to your local bitcoin ATM, he says.

Vaystikh also foresees the first cloud data center-focused ransomware. In 2017, ransomware will target databases, causing significant downtime. There are not currently many hackers attacking corporate networks with ransomware; information-stealing malware is the preferred tool, he says. 

“But what we might see in the coming year is ransomware targeting places where there is less chance of backup files being available. For example, I think we’ll see that SMBs who move their files to the cloud generally do not have backups and do not know how to recover. Specifically encrypting cloud-based data like this would have a significant impact on cloud providers and cloud infrastructures,” he says.

CSO Online:                Cybersecurity Trends In 2017:          How Cyber Attacks Will Get Worse In 2017:
 

« Propaganda & Bias In Social Media News
Surprise: Snowden Knows Some Russian Spies »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Radware

Radware

Radware is a global leader of application delivery and cyber security solutions for virtual, cloud and software defined data centers.

CROW - University of Waikato

CROW - University of Waikato

CROW is the first cyber security lab established in a New Zealand educational institution at the University of Waikato.

EclecticIQ

EclecticIQ

EclecticIQ is a global provider of threat intelligence, hunting and response technology and services.

AGAT Software

AGAT Software

AGAT Software is an innovative security provider specializing in external access authentication and data protection solutions.

Plixer

Plixer

Plixer delivers a network traffic analytics system used for monitoring, visualization, and reporting of network and security incidents.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Rwanda Information Society Authority (RISA)

Rwanda Information Society Authority (RISA)

RISA is at the forefront of all ICT project implementation, research, infrastructure and innovation within the ICT sector in Rwanda.

Gita Technologies

Gita Technologies

Gita Technologies works to create integrated solutions to the thorniest problems in the field of intelligence and cyber today.

NanoLock Security

NanoLock Security

NanoLock delivers the industry’s only end-to-end platform for the IoT and connected devices ecosystem.

Networks Unlimited

Networks Unlimited

Networks Unlimited is a leading value-added distributor in Africa, providing technology solutions with a focus on security, networking, enterprise systems management and cloud technologies.

Traced

Traced

At Traced, our aim is to redefine mobile cyber security to provide the best possible protection to everyone against breaches of privacy and security.

Digital Identification & Authentication Council of Canada (DIACC)

Digital Identification & Authentication Council of Canada (DIACC)

DIACC is a non-profit coalition of public and private sector leaders committed to developing a Canadian framework for digital identification and authentication.

Cymptom

Cymptom

At Cymptom our purpose is to enable security managers to see at a glance all urgently risky gaps  in their organizations’ security posture at any given moment.

ImmuneBytes

ImmuneBytes

ImmuneBytes is a cutting-edge security startup that aims to provide a secure blockchain environment for a dependable and open Web3 ecosystem.

Nothreat

Nothreat

Nothreat has revolutionized how businesses like yours protect themselves from damaging cyber attacks. Our tech learns and adapts in real time, protecting clients from even zero-day attacks.

Cyber Eagle

Cyber Eagle

Cyber Eagle is a sovereign-grade cybersecurity firm specializing in autonomous AI-powered defense systems for critical infrastructure protection.