
Ransomware: The big payoff for cybercriminals in 2016

Nick FitzGerald, Senior Research Fellow, ESET Asia Pacific | March 16, 2016
Over the past year, cybersecurity professionals have been facing more and more cases of ransomware. This type of attack has rapidly gained ground and it seems that there is no end in sight to its growth.

The threat of ransomware has also diversified in terms of approach and vector. Initially, only the Windows families of such malware were showing year-on-year growth in the number of detections. Now this malware has extended to other operating systems such as OS X and even Linux. The technologies used to deliver ransomware are evolving too. In the early days, drive-by downloads and spammed links or executables were the common delivery mechanisms. Delivery now also includes spam with attachments such as Office documents with macros and BAT, CHM, JavaScript and LNK files. The payloads delivered by these downloader components are no longer just binary executables either; they also use various script platforms, including PowerShell.

Will the Internet of Things (IoT) be next?

Throughout 2015 there was significant interest in the possibility of malware focusing on equipment associated with the Internet of Things (IoT). The increasing number of devices connected to the internet, and their often woeful security stance, provide cybercriminals with a greater number of points-of-attack. This puts devices such as smartwatches, smart televisions, wearables, driverless cars and a whole host of other devices at risk.

An early example of such an attack is the Linux/Moose worm that has commandeered SOHO routers for social media fraud. Other security researchers have considered the possibilities of wearables, smart televisions and so on being targeted by malware, and in some cases they have even provided proof-of-concept demonstrations. Given ransomware's apparent profitability, it seems likely that some e-criminals must be thinking along the same lines.

These key developments lead us to believe that ransomware is here to stay and will surely continue mutating in the coming years. From the security side, the challenge is not only to detect and block or remove such attacks, but also to ensure the continuing availability of information for enterprises and consumers.

So, what can we do to protect ourselves?

As technology has evolved, the protective mechanisms to counter threats such as ransomware have improved based on experience. However, they must be accompanied by user management and education. Prevention is better than the cure and this applies to end users of technology today. Keeping devices well protected is the single biggest and most effective step that will defeat ransomware. In addition, keeping data adequately backed up is key to ensuring that if an attack takes place, the victim isn't strong-armed into paying up.

According to Gartner, we are gearing up towards a fivefold increase in the number of devices connected to the Internet over the next five years, reaching 25 billion online devices. The challenge we are going to face is protecting more of these devices against ever more sophisticated malicious code. Network security, the prevention of exploits and the appropriate configuration of devices will take on greater importance to prevent such attacks, helping users enjoy safer technology.  

 
