Everything You Need To Know About The Cryptowall Ransomware

According to Trend Micro, 2016 will be “the year of online extortion.” Ransomware and extortion tactics targeting users both within enterprise and without will see a sharp increase. Online threats, the report explains, will “evolve to rely more on mastering the psychology behind each scheme than mastering the technical aspects of the operation.”

“In the past decade,” Trend Micro continues, “cyber extortionists have made use of ransomware to trick online users to make them fall for their tactics. This was done by exploiting one’s fears to coerce victims into paying the ransom. The rogue/fake AV trap was set up to target those who feared computer infection. Earlier variants of ransomware locked screens of users, tricking them into paying to regain access. Police Trojans threatened users with arrests and charges for violations. And finally, with crypto-ransomware, cybercriminals aimed for the most valuable part of one’s system, the data.”

“With this in mind, cyber extortionists will devise new ways to target its victim’s psyche to make each attack “personal”—either for an end user or an enterprise. Reputation is everything, and threats that can ruin an individual’s or a business’ reputation will prove to be effective and—more importantly—lucrative.”

So, there you have it. Ransomware attacks will be less technical, and more focused on social engineering. Don’t take this to mean that ransomware no longer represents an extraordinary threat to your business, though. The shift actually makes these attacks far more dangerous: a firewall can protect against a targeted attack, but it cannot protect against manipulation.

Perhaps the nastiest example of ransomware currently floating around on the web is a malicious application known as Cryptowall 3.0. According to a report published by the Cyber Threat Alliance, it has already cost victims more than $325 million, with over 406,000 attempted infections and 4,000 samples of the malware in the wild. The Alliance believes that whoever is responsible for the malware may in fact belong to a single group, which targets businesses and holds mission-critical files hostage in exchange for a ransom.

It gets worse.

“Unfortunately for those unlucky enough to get infected by CryptoWall 3.0, the report paints the picture of a highly efficient operation running solid encryption, meaning victims usually do have to pay up to get their files back,” writes Phil Muncaster of Info Security Magazine. “Even an FBI Special Agent was quoted as saying last week that it might be better for infected businesses to just pay the ransom.”

Yikes. Pretty grim outlook, isn’t it? So…how can you protect yourself against this?

A few ways:

  • Watch Your Backups: A good backup solution can go a long way – particularly if it’s properly configured for redundancy. It could well provide you with an out in the event of a Cryptowall infection, as you’ll still be able to access your files – not everything will be locked away.
  • Educate Your Employees: Make sure your staff is aware of safe browsing practices, and knows about phishing attempts and social engineering attacks. The more they know about the mechanisms through which these attacks occur, the better equipped they’ll be to avoid them.
  • Restrict Software Usage: Now, here’s the thing about employees – eventually, they’re going to do something you don’t want them to do. Even if you do educate them, it’s important to have measures in place that prevent them from causing too much damage – containerization through an EMM solution, software restrictions on work devices, that sort of thing.

2016 is going to be the year of ransomware, but that doesn’t mean your business needs to be a target. By properly educating your employees, maintaining decent backups, and keeping track of what people are doing with their devices, you’ll be able to defend yourself from all but the worst offenders.

