Ransomware remains a serious threat to enterprises, small- to medium-sized businesses (SMBs), and individuals alike. Last month, Clop ransomware has evolved to integrate a method that targets Windows 10 apps and various applications. Additionally, the latest reports by the Federal Bureau of Investigation (FBI) show that another ransomware called Maze has been targeting U.S. companies to steal and encrypt data.
These developments indicate that despite the recent decline in the number of attacks, ransomware-related crimes are not going away and are likely to surge in the future. And aside from causing data loss, ransomware is now being increasingly used to threaten victims with data leaks. With these rising trends, ransomware is predicted to be cybercriminals’ weapon of choice in 2020.
Ransomware through time: new attack methods, shifting targets
In 2013, a new type of ransomware called crypto-ransomware emerged. It typically encrypted particular files types such as DOC, .XLS, .JPG, .ZIP, .PDF, and other commonly used file extensions. Encrypting the files ensured that victims are forced to pay the ransom even if the malware itself was deleted or locked.
Over the years, crypto-ransomware continued to evolve. Cyber-extortionists added features such as countdown timers, ransom amounts that increase over time, and infection routines that enable the malware to spread across networks and servers.
Later versions include alternative payment platforms that make ransom payments easier, extortion tactics more hostile, and selling in the dark web smoother.
Ransomware in 2020
Last year, a number of Maze ransomware victims who did not immediately pay up learned that their stolen documents had been exposed. This showed that ransomware campaigns now include data breaches and exfiltration, which means they’ve become more dangerous than ever.
Other than that, here are some other ransomware trends to watch out for:
- The ransomware-as-a-service (RaaS) market will continue to flourish – RaaS will continue to be the best way for cybercriminals to deploy ransomware as underground markets are flooded with different RaaS offerings at all price points.
- The number of ransomware victims who hail from the U.S. will decrease – While the U.S. accounted for 53% of attacks between 2018–2019, U.S. businesses will continue to make up the greater part of victims of ransomware attacks in 2020, cybercriminals will also target other countries.
- Exposure of victims’ files will become more rampant – In recent months, many cybercriminals have either threatened to leak their victims's files, whether or not those victims have paid ransom. This provides attackers with another way to extort their victims should they refuse to pay the ransom. However, it remains to be seen if this will be a successful extortion strategy or not.
Defending against ransomware
Email continues to be the number one method for delivering ransomware. Hackers use carefully crafted phishing emails to trick employees into opening a malicious link or attachment.This is why you should train your staff to be vigilant about such threats.
SMBs might typically have fewer resources to secure their IT infrastructure or maintain a good backup strategy. However, there are many ways to strengthen defenses against ransomware. Start by updating your systems and applications to the latest versions and enabling multifactor authentication (MFA). Here’s a checklist of best practices your business can follow:
☐ Create strong passwords throughout the network.
☐ Increase awareness of how ransomware works and spreads.
☐ Don’t install software unless you know exactly what it is and what it does.
☐ Use antivirus software that detects malicious programs.
☐ Backup your files frequently and automatically. While it won’t stop an attack, it lessens the impact of the damage caused by a ransomware attack.
Businesses trust Graphus to protect them against the latest dangerous cyberthreats that traditional antivirus solutions fail to catch. We offer comprehensive defense and strong email security to protect systems and devices from the most recent threats. You don’t have to be a victim of ransomware. Call us today to learn more.