Ransomware concerns
Ransomware continues to be an epidemic for businesses, security experts warn Michael Kan
Expect ransomware to grow more aggressive in the coming years, including higher ransom payments and attempts to go beyond attacking data by shutting down entire computer systems to utilities or factories.
“I see no reason for ransomware to stop,” argued Neil Jenkins, the director of the US Department of Homeland Security enterprise performance management office. “It’s shown to be effective.”
At the recent RSA cybersecurity conference, experts gave a grim outlook on the future of ransomware, which they fear will spread. Through the attacks, cybercriminals have managed to rake in $1 billion in 2016, according to one estimate. The computer infections work by first targeting the victim’s data, and encrypting it. The ransomware will then threaten to delete the data, unless a payment, usually in bitcoin, is made.
However, a key concern is that ransomware will start targeting critical infrastructure, added Jenkins. He pointed to the recent example of an Austrian hotel hit with ransomware that took out its key card system for the hotel doors. Future ransomware attacks might try to lockdown control systems for a water utility, threatening its operations.
Too many important computer systems are also connected to the internet when they shouldn’t be, argued Gal Shpantzer, CEO of Security Outliers. Small businesses are also failing to properly segregate their computers from other processes, like a factory assembly line, he said. When a ransomware infection hits, it has the potential to shut down the entire operation.
“That’s where ransomware is going to go,” Shpantzer added. “I think it’s inevitable. People are going to be injured or lose their life. This is starting to affect things that shouldn’t be on the internet, or are physically moving.”
The hackers behind ransomware infections are also demanding higher and higher payments, some times over $40,000, said Jeremiah Grossman, chief of security strategy at SentinelOne. There have even been a few ransomware cases where victims had no choice but to pay over seven figures to recover their system, Grossman added, declining to provide details. “Bottom line, it’s getting worse out there, and it will continue to do so.”
Ransomware infections are already harassing small and medium businesses, according to Robert Gibbons, CTO at security provider Datto. His company conducted a survey that found 60 percent of its partners have experienced one to five ransomware attacks in the last year.
The remainder had experienced over five attacks. “Ransomware is still an epidemic,” according to Gibbons.
Experts recommend that businesses and users frequently back up their data and also test to those backups to make sure they work. Security vendors have also published tools that can free computers from some ransomware infections.
When an attack hits, victims may be tempted to pay the hackers the ransom. But Gibbons warned that one out of four times, the hackers still declined to decrypt the victim’s data, despite receiving payment.