Closed blue circuit card connected to a CPU with a bright padlock symbol in the top.

Can You Imagine the Future of Ransomware?

Posted by Mark Greisiger

Over the past 18 years at NetDiligence, we’ve often been asked about the future of ransomware. And the truth is that even after 18 years in this space, no one can fully predict what will happen.

Even when ransomware became more widespread during the 2000s, no one could have imagined the current magnitude of the threat of cybercrime. Ransomware incidents have skyrocketed in recent years, becoming the number one cause of loss within the cyber risk insurance industry.

Early ransomware programmers typically wrote their own encryption code, but today’s attackers often develop toolkits that can be used by those with less technical skills. The methods of delivery have also become more sophisticated, as attackers leverage spear-phishing campaigns rather than traditional phishing emails (often filtered by spam folders).

Some of the most advanced cybercriminals monetize ransomware by selling programs that anyone can download.   

Ransomware as a service has increased the prevalence of attacks by making it possible for people with little cyber know-how to make extortion demands. All they have to do is download the virus, set a ransom and payment deadline, and attempt to trick someone into infecting their computer. If the victim ends up paying, then the original author receives a cut—often between 5% and 20%.

Ransomware continues to morph and change. Today, we’re even seeing strains that have no interest in being paid a ransom. These threat actors masquerade as ransomware, but their only apparent goal is to destroy your network. Sometimes when the business pays the threat actor and receives the decryption key, it doesn’t unlock all of the data. Parts of the network may be corrupted or the data may remain damaged.

What Is the Future of Ransomware? 

The future is uncertain when it comes to cybersecurity and ransomware attacks.  Even the leading experts are scrambling to keep up. They’re consulting with their peers about whether they have faced a given threat before, and how to manage it. In recent years, we’ve seen attacks occurring on a massive scale and in many contexts, for example:

  • The U.S. government
  • Mass transit
  • Payment systems
  • Internet-connected devices

Moreover, ransomware is just one of many threats on the cybersecurity landscape. Our clients such as corporate risk managers and cyber insurance carriers are worried about the plethora of cyber perils that they must address on a daily basis:

  • Business Interruption Events: Business interruption events occur when a company’s systems are down and operations have been immobilized, resulting in a significant and ongoing loss of profits.
  • Privacy Liability: This type of cyber risk refers to how a company collects and shares customers’ data. When a company engages in practices that go against their stated promises, it may result in a class action lawsuit.
  • Data Breaches: Data breaches encompass a wide range of cyber incidents that can remain undetected over time. Every business should have an incident response plan (IRP) which establishes protocols and procedures for dealing with a breach.
  • Insider Threat: This type of threat refers to the risk that a staff member could make by mistakenly or maliciously leaking data. Limit how much data staff has access to using the “least privilege access” principle, giving them the minimum access needed to fulfill their roles. Well-developed protocols and staff training go a long way, as well as removing access should someone discontinue their employment.

Prepare Yourself for a Ransomware Attack

Ransomware trends show that businesses should be taking proactive steps to protect themselves from the threat of attack. Any ransomware event can be devastating for the business, which makes it that much more important to prepare for the possibility by following best practice guidelines:

  • Malware Protection: Install and maintain a quality antivirus and next gen endpoint protection software.
  • Software Updates: Keep applications up-to-date to avoid opening up potential “holes” in the system.
  • Data Backups: Maintaining good data backup procedures that are segmented from your corp network will help you to recover your systems from unencrypted versions, which may save you from paying a ransom in the case of an attack. Be sure to test your backups on a regular basis.

Remember, one quarter of all data breaches are caused by human error, according to a ransomware trends 2019 report by the Ponemon Institute. Fake emails made to look like they’re coming from legitimate sources prompt employees to open a link, document or enter their username and password in a fake website. Training employees to spot malware and use proper security procedures will go a long way toward protecting your business. 

Partner with NetDiligence, a Leader in Cyber Risk Management

Here at NetDiligence, we partner with cyber risk insurers, brokers, lawyers, IT security firms, and businesses to offer our deep expertise in cyber risk management. We provide cyber risk assessment and breach solutions to help businesses prepare for and manage attacks by minimizing losses. Because the future of ransomware is always changing, it’s vital to have a trusted partner in the industry that can keep you informed of the newest developments. To learn more about our services and how we can help you, please contact us at 610-525-6383.