In 2017, organisations were hit by ransomware attacks on an unprecedented scale. One report claims the average number of ransomware attacks in 2017 was up 23 percent compared to 2016, with detections up almost 2000 percent since 2015.
The Future of Ransomware Attacks
New research shows nearly a quarter (22 percent) of IT decision-makers say their company has been a victim of ransomware at least once, while another 26 percent believe it’s “probable” that someone in their organisation has been hit by ransomware.
That means nearly half of the organisations surveyed have been victims of ransomware or are unaware whether they have been subject to an attack. And once an organisation has been targeted, it will often suffer subsequent attacks.
Unfortunately, the size and scale of ransomware attacks are only set to increase in 2018, with several factors combining to create the perfect storm for cyber-criminals.
The increasing availability of crypto-currencies allows cyber-criminals to remain anonymous while conducting mass attacks and, combined with the smaller payment sizes associated with these attacks, it is more likely that victims will pay the ransom.
At the same time, experts foresee a rise in targeted ransomware where criminals pinpoint a specific, and potentially lucrative, victim for extortion.
Elsewhere, the growth of anonymous payment systems has been a catalyst for the growth of Ransomware-as-a-Service (RaaS). This involves ransomware kits sold on the Dark Web, making cybercrime accessible to anyone – regardless of their technical skills. One report puts estimates there was a 2,500 percent increase in the sale of ransomware on the Dark Web between 2016 and 2017.
IoT: A New Entry Point for Ransomware
While most ransomware attacks currently infiltrate an organisation via email, a new delivery system for both mass and targeted attacks is on the horizon, with the mainstream adoption of the Internet of Things (IoT).
Gartner predicts there will be 20.4 billion connected things in use worldwide by 2020. The volume and variety of new endpoint devices alone will present a huge challenge for IT managers, who will be tasked with deploying, managing, and securing the influx of new endpoint devices.
The issue of managing endpoints within an organisation is already a challenge. Autotask Metrics That Matter™ 2017 survey said 63 percent of IT service providers have witnessed a 50 percent increase in the number of endpoints they’re managing, compared to 2016.
IoT will usher in a raft of new network-connected devices, each one a potential entry point for malicious attacks, particularly when there is still a lack of established security standards around IoT.
Many companies’ uncertainty around securing IoT devices is highlighted in Spiceworks’ State of IT report, which shows currently 29 percent of organisations have adopted IoT, with an additional 19 percent planning to do so this year. However, the data shows only 36 percent of IT pros feel confident in their ability to respond to cyber attacks on IoT devices.
[clickToTweet tweet=”Consider the serious – or even life-threatening – impact of #ransomware on #smart #devices within critical #applications. What if they had access to ‘smart’ #medical devices such as #pacemakers?” quote=”Consider the serious – or even life-threatening – impact of ransomware on smart devices within critical applications. What if they had access to ‘smart’ medical devices such as pacemakers?”]
But consider the serious – or even life-threatening – impact of ransomware on smart devices within critical applications. A cyber-criminal could potentially have the means to turn off lighting or heating systems, or lock users out of their homes or businesses. Moreover, they could even affect the safety of drivers by tracking and hacking their IoT-enabled vehicles, turn off entire power grids or access ‘smart’ medical devices such as pacemakers.
So perhaps it is unsurprising that a 2017 survey found that almost half of small businesses questioned would pay a ransom on IoT devices to reclaim their data.
With IoT vendors rushing their products to market despite a critical lack of security standards, what can be done today to help secure your organisation from attack?
It will take a mixture of technology and processes. Traditional antivirus or endpoint security will only tackle known ransomware, so it’s important to deploy solutions with dedicated anti-ransomware capabilities and to keep both devices and operating systems up to date. Creating a process for patch management, so vendors can push out important security updates, is essential.
Finally, ensure your entire team is educated and trained on the latest security protocols – human error is often the main cause of security breaches, so take the time to make sure they aren’t the weakest link in your perimeter.
Ransomware attacks are on the rise, and the new wave of IoT devices are another entry point into your organisation. The cost of deploying the right technology pales in significance to the potential costs and damage that a ransomware attack could inflict.