The Evolving Ransomware Threat

Ransomware has become a serious threat in recent years, with thousands of new variants surfacing in 2016 alone. This is really bad news for system administrators, as computers infected with ransomware are typically locked down until cyber criminals are given a hefty sum to unlock encrypted files.

Disturbingly, IDG recently confirmed the existence of a new file-encrypting ransomware program for macOS, which is making the rounds on BitTorrent. Because the malware has no way of communicating with an external server, victims of the OSX/Filecoder.E strain (which masquerades as a cracking tool for commercial software) won’t be able to recover their files even if they pay up. According to ESET researchers, the encryption “appears to be strong” and cannot be cracked using alternative means.

Despite an abundance of ransomware variants aimed at multiple operating systems, CheckPoint Software says the evolving ransomware landscape is becoming more and more centralized, with a few significant malware families dominating the market and targeting organizations of all sizes. CheckPoint also says that banking Trojans and rough ad-networks remain the primary money-making vectors for large scale malware campaigns – as numerous banking Trojans are now being equipped with ransomware capabilities as a secondary attack vector.

Beyond banking, security experts fear that the next wave of ransomware will target the Internet of Things (IoT). According to Tom’s Guide, this could result in smart cars, smart homes, smart medical devices and even smart transport systems (such as the San Francisco Muni) being held hostage by cybercriminals. It is therefore important for device manufacturers to ensure that endpoints are well protected and not vulnerable to malware that can lock down devices, systems and data until a sizeable ransom is paid.

Unfortunately, ransomware has become everyone’s problem. To cyber criminals, nearly every device is a potentially lucrative target – not just critical infrastructure like an electric company, or big businesses, universities, public transportation systems and hospitals. Therefore, implementing an effective security solution must be a priority, even for mid-size and small businesses.

It is important to emphasize that security solutions should be ready out of the box: simple, affordable and easy to use. This is even more important for IoT devices and their cloud services. One way of simplifying security and reducing costs is using IoT devices with a tamper-proof pre-provisioning key and identifier, which enable out-of-the-box secure connectivity and other security features. That allows service providers to bolster security for a wide range of connected “things.”

In conclusion, mass adoption of ‘plug and play’ security solutions by IoT OEMs and IoT platform providers will allow small and medium businesses to easily and affordably adopt security, which will hopefully act as a positive catalyst to change the current status quo when it comes to unchecked ransomware activities by cyber criminals. Minimizing the number of unprotected endpoints can help reduce the success rate of ransomware, hopefully discouraging cyber criminals from participating in an increasingly unprofitable business.