If you ever wanted to become a cybercriminal, you can do so at any moment. And, by the way, you can achieve great heights at this profession, without needing to spend time on learning the art of writing code or software developing. You just have to download a special toolkit and that’s basically it – watch it do all the work and collect money while doing almost nothing. This is how people are lured into spreading ransomware and the more time passes, the more real this danger becomes.
Ransomware as a Service (RaaS) is quickly gaining in popularity. Its nature is very simple – ransomware developers find people that may help them spread their creations and when the money rolls in, they take the cut. And the thing that’s most frightening here is that anyone can become a distributor. Some ransomware packages are priced at less than $100 so money can basically be made back after the first successful infection.
This kind of thing has been going on for a while. But what really made it gain notoriety is San Francisco’s Municipal Transportation Agency (MTA) recently being attacked. A lot of people now know that ransomware isn’t going anywhere – in fact, it’s on the rise and it’s only going to become more widespread in the future.
Osterman Research, for example, reports of nearly 50% of US corporations becoming victims of ransomware throughout the year. Trend Micro said in August that nearly 80 new ransomware families have been discovered during the first six months of 2016. If we’re talking about the profits, the numbers are staggering – an older version of the CryptoWall family was able to make $325 million is 2015. And that’s only one of many families like this.
And the situation continues getting worse. In September, for example, the increase in ransomware activity was 400%. At 2015 we had 29 ransomware families. By September of 2016 that number had increased to 145.
There are several reasons for ransomware becoming as widespread as it is now. The first one is really simple – there’re a lot of warnings about potential threats and a lot of information on protection from them. But many companies and users don’t protect their servers and computers the way they should and, as a result, get infected.
The second reason is more complicated – security researchers have to spend at least some time to find the solution to the problem and decrypt affected data. And it’s much easier for a lot of companies to just pay money and continue with their operations than wait around.
That’s why it’s very important to educate all the employees about the dangers of ransomware and start treating the Internet as something that not only has pictures of cats, videos and free music, but also as a place that contains lots of threats and can lead the company to losing thousands of dollars. And, considering the prognosis, it should be done as fast as possible.
The prognosis is very dark, to put it mildly. Trend Micro expects the number of ransomware to be increased by 25% in 2017 which means that there should be at least 15 new families found each month. And, even though the critical point was passed in 2016, the ensuing stabilization is going to be very helpful for ransomware diversity and there will be even more attacks on users and corporations.
Ransomware is also probably going to be used a lot more often in data breaches. It gives cybercriminals an ability to steal the information and sell it on a dark web and then infect servers with ransomware which will hold them hostages and allow bargaining a better price. The same goes for mobile ransomware.
And, even though there’s no sure way to protect computers and mobile devices at all times, ransomware can be blocked at the source if Web or email gateway solutions are used. Continued development of machine-learning technology is also going to strongly contribute to protection from cyber threats, even the most recent and unknown to data bases.