For several years now, ransomware has been a major concern for businesses and individuals alike. This harmful malware, which demands the victim pay a ransom to regain access to a compromised computer or mobile device, has already affected thousands, and security experts predict that not only will these attacks increase in 2020, but they will become the dominant cyber threat.
Ransomware is considered by many to be one of the most disruptive attacks that hackers can launch. For some large businesses, the costs of these attacks soar well into the millions of dollars, considering the lost time and productivity, the costs to rebuild and restore systems and the damage to the brand these attacks can cause. That’s not even considering the costs associated with actually paying the ransom.
Although most experts aren’t predicting anything surprising on the horizon in terms of cyberattacks, the fact that ransomware is becoming so dominant means that it’s important to understand how these attacks occur and how they will evolve in the coming months.
Email Will Remain the Primary Source of Malware
By some estimates, 93 percent of ransomware comes via phishing emails. Although attacks on individuals are typically crimes of opportunity, most business attacks are highly targeted and use phishing emails specifically engineered to that company. In either case, the hackers rely on the recipient’s willingness to click on a link, triggering the download. Therefore, it’s more important than ever to be alert to phishing emails, avoid clicking any links in unsolicited messages and implement maximum security tools to filter out these messages and block harmful software from infecting your computer.
Ransomware Isn’t Always Isolated
Although many people are infected by ransomware by clicking a single link, it’s becoming increasingly common for ransomware to be a part of a larger attacks. In a number of cases, ransomware is the last piece of malware to be installed after others. Instead of immediately deploying the malware, hackers are launching other infections and including the ransomware as the final step. This makes detecting ransomware more challenging to detect and stop — and underscores the importance of using comprehensive security and keeping it updated, as blocking ransomware is often a matter of blocking what appears to be less harmful malware first.
Mobile Devices Are Being Targeted
Although email is the traditional attack vector for ransomware, the ubiquitousness of mobile devices is increasing the risk of attacks there as well. For instance, one recent incident involved sending text messages to victims telling them that someone was trying to access their email, and the password needed to be changed. The messages included a link, which not only stole the user’s credentials but installed ransomware on the device.
Phishing messages aren’t the only way hackers are going after mobile devices. Malicious apps impersonating legitimate apps are also on the rise. The good news is that app providers, in particular the Google Play Store and Apple App Store, are doing more than ever to eliminate malicious apps from their offerings; the number of blacklisted apps in the Google Play Store has decreased by 59 percent this year, for instance. To avoid becoming infected by malicious apps, it’s important to continue getting apps from legitimate sources only and carefully evaluate all apps by looking at reviews, the developer and the update history.
You Still Shouldn’t Pay the Ransom
Although data indicates that just under half of ransomware victims pay the demands to regain access to their computers, the FBI and other law enforcement agencies continue to caution against doing so. Not only is there never a guarantee that the hackers will actually restore your files — or that they haven’t corrupted them — but the feds believe that paying up only encourages the criminals to continue their attacks. In addition, paying the hackers can also mean indirectly supporting other criminal activities.
Instead, preparing for ransomware attacks, including taking steps to prevent them from occurring in the first place, is a better strategy. This includes maintaining up-to-date backups, having a plan for ransomware removal and recovery and understanding the threats and how to avoid them. Keeping your operating system and antivirus protection up-to-date, to prevent the exploitation of any vulnerabilities, is also vital. Many of the most devastating ransomware attacks in recent memory stemmed from systems that weren’t running the most recent versions of software, so it’s important that you don’t ignore those messages to update.
The threat landscape, and ransomware in particular, will undoubtedly change throughout 2020. However, knowing the current trends and what to expect will help you stay one step ahead and avoid the downtime and costs of an attack.
