Ransomware or malware that locks up data and demands payment for its release is set to evolve and make up the majority of cyber attacks in 2017, according to most predictions by security commentators.
Cyber attacks that exploit weaknesses in mobile devices and devices that make up the internet of things (IoT), including distributed denial of service (DDoS) attacks, are also expected to continue from 2016.
However, in 2017, experts predict an increase in professional, advanced attacks including attacks on cloud infrastructure and the rise of data manipulation attacks, further underlining the need for a fresh approach to data security.
Perhaps the most disturbing prediction is that as defenders look to artificial intelligence (AI) to bolster security, this will be mirrored in the cyber criminal world by AI-driven attacks.
Overall, the pace and variation of exploits driven by technically astute adversaries will only gain momentum if not managed effectively, said Mike East, vice-president of sales in Europe at CrowdStrike .
What will not change, he said, is that all businesses will be vulnerable as attack targets, whether they are a Fortune 500 company, a family-run business or a utility company.
RansomwareRansomware, typically in the form of encryption Trojans, grew rapidly in popularity with attackers in 2016, and these attacks are expected to cannibalise other more traditional attacks based on data theft in 2017.
The pursuit of profit is the primary motivation of cyber criminals, and ransomware is the simplest and most effective way to achieve this, said researchers at Panda Security .
But not only is the number of ransomware attacks expected to continue to increase, the malware involved is also expected to become more sophisticated, predict security experts at SecureWorks .
“Though most ransomware attacks are not targeted, it is likely there will be an uptick in targeted attacks in 2017,” said Alexander Hanel, a security researcher at SecureWorks.
“Compromising corporate environments through targeted attacks allows the attackers to request more money than they would receive from a typical user. That makes enterprise targets more attractive,” he said.
Read more about ransomware Businesses still get caught by ransomware ,even though straightforward avoidance methods exist. Criminals used devices compromised forclick fraudas the first step in achain of infectionsleading toransomware attacks, said security firm Damballa. The first half of2014saw an increase in online attacks thatlock up user dataandhold it to ransom. The CryptoLocker ransomware caught manyenterprisesoff guard, but there is a defence strategy that works.
In 2016, a wave of ransomware attacks hit targets ranging from hospitals to a major metropolitan municipal railway system, said Hanel. “The proliferation of ransomware families and the success attackers have had in compromising systems makes it highly likely these types of attacks will continue in 2017,” he said.
The emergence of open source ransomware programs hosted on GitHub and hacking forums is expected to further spur the growth of these attacks in 2017.
“These programs are freely available for anyone who has the basic knowledge needed to compile existing code,” said Ondrej Vlcek, chief technology officer at security firm Avast .
“Even if the wannabe perpetrator doesn’t have the skills to create their own malware from free code, this can now also be readily outsourced. There is already a ransomware as a service [RaaS] model, which provides automatically generated ransomware executables for anyone who wants to get rich by infecting potential victims. The bottom line is that creating or buying your own ransomware has never been easier. So ransomware is here to stay and is expected to be a bigger problem yet in 2017,” he said.While law enforcement action is expected to have some effect on general ransomware, security experts predict 2017 will see a rise in ransomware targeting mobile devices.
In the light of the fact that mobile users generally have their data backed up on the cloud, mobile ransomware will aim to steal users’ bank credentials and take money directly from their accounts, according to virtual private network ( VPN) service provider NordVPN .
Security experts generally advise against paying ransoms because there is no guarantee the data will be restored.
The threat of ransomware encryption and file deletion can be minimised by solid malware protection, email hygiene and regular, offline backups.
However, Avast’s Ondrej Vlcek points out that cyber criminals could potentially also download a copy of sensitive data and threaten to publish and expose these files online if the company fails to pay ransom.
“This technique is called doxing . It has been used in hacking attacks where systems have been penetrated. While, to date, only proof-of-concept inclusions of doxing capabilities have been seen in ransomware, we’re predicting to see more of this type of extortion in the wild in 2017,” he said.
Another prediction is that 2017 will see the emergence of self-propagating ransomware that will have the same kind of characteristics traditionally found in network worms such as Conficker .
This will result in a breed of ransomware designed to produce endless duplicates of itself, spreading the infection across an entire network, according to WatchGuard Technologies .
Internet of thingsIn the light of Mirai IoT botnet-enabled DDoS attacks towards the end of 2016 that exploited weaknesses in IP cameras and routers, this trend is expected to continue in 2017.
“We predict the number of botnets that can enslave IoT devices will continue to grow in 2017 as the number of devices vulnerable to exploitation increases,” said Ondrej Vlcek.
“The growth in wearables also presents a growing challenge. Not only d