Ransomware is Dead……..

It seems we have beaten ransomware and it will never surface again! Okay maybe not but lets be honest it has been fairly quiet in the news about ransomware especially after last years huge news around #wannacry #nonpetya etc. But does this mean that ransomware has had its time and is no longer around? Well lets look…………….

List of recorded / reported Ransomware attacks of 2018 in North & South America:

January

• Belle Fourche City Hall – South Dakota
• Hancock Regional Hospital – Indiana
• City of Farmington – New Mexico
• Adam’s Memorial Hospital – Indiana
• Allscripts – North Carolina
• DGH Engineering Ltd. – Manitoba and Alberta
• Pulmonary Physicians – Ohio –
• Chester County School District – South Carolina
• Spartanburg County Library – South Carolina
• Sacramento Bee Newspaper – California
• Children’s Aid Society of Oxford County

February

• Davidson County
• Colorado Department of Transportation
• Pulkit Khandelwal Accounting Firm
• City of Leeds
• City of Hinesville

March

• Connecticut Court Systems – Connecticut – No

That is a fair few with some big names in there like “All Scripts” which was a big attack and outage yet had very little air time. But there is little hype around ransomware at present, maybe in part this is due to crypto currency mining, are organizations now making enough money from mining crypto that Ransomware is not needed? It will be interesting to watch.

Quick Ransomware Fact

The first ever recorded ransomware virus was written in 1989 and distributed by floppy disk. It targeted AIDS researchers by posing to be a questionnaire designed to determine patients risks to AIDS, Joseph Pop the author distributed 20,000 copies of this to 90 countries. It pretty much behaved like a ransomware virus does today, locks you out of your files for a fee, but no bitcoin this time, you had to send your money via post, it was the 80’s after all!

So what does 2018 hold for ransomware?

Well given the above results it is not off to a bad start is it? This is purely and simply as this ransomware business is so lucrative to cyber criminals and put simply there are no shortage of targets. Here are some predictions and talking points for 2018 & ransomware:

1. RaaS – Ransomware as a service will continue to grow, commercially off the shelf available ransomware means less development time and its a service just like the cloud.
2. As a result of #1 the amount of ransomware families will decrease as main stream RaaS takes over.
3. Weaponization of AI – well more machine learning as we know AI is mostly marketing at the moment. Security firms and researchers have been using machine learning models, neural networks and other AI technologies to better anticipate, classify and take action on attacks. We would be foolish to think that cyber criminal organizations are not doing the same. Welcome to the battle of the machines!
4. Ransomware as a smoke screen – Ransomware can cause enough significant disruption in an organization for another attack to actually be happening. Think about it ransomware is easy to disrupt an organization for long enough so that a group of cyber criminals can obtain from your networks what they want or deploy what they want. It was widely though last year that #wannacry was an attack of this kind but in truth I always thought that attack was a mistake.
5. New targets – I think large scale big data systems have gone largely un-noticed in the ransomware world, odd when you think that there are over 4,487 HDFS systems connected to the internet with only basic authentication. Last year (Jan 2017) saw 10,500 Mongo DB servers hacked. When you think of these systems they usually carry anywhere between 25TB to 5PB of data and that data is important!

In conclusion I do not think ransomware is going to go away anytime soon, so keep on following best practices and use software which is out there to mitigate any risks, I hope no one has to post money off to pay a ransom! – Brilliant!

Please like, share, comment