I sat in on a keynote talk called “The Seven Most Dangerous New Attack Techniques, and What's Coming Next,” while at RSA. Not surprisingly, the talk focused heavily on ransomware and the Internet of Things – two topics that got a lot of attention at the conference this year. Other attack techniques were mentioned, as well, like bad random number generators, but everything kept circling back to ransomware and the IoT. For example, the panelists said that what we can expect to see coming in terms of attack techniques includes:
- More targeted ransomware attacks via spearphishing, and expect the new favorite target to be small banks and financial institutions.
- Nation-state actors will be using ransomware more often, but not as an attack method. Instead, they’ll use ransomware as a distraction to divert attention from more nefarious actions.
- The Internet of Industrial Things will be a greater target for ransomware as hackers are going to experiment to see just how much we’ll pay to keep the infrastructure operating, or expect more attacks like the one on the San Francisco Muni transit system last year.
This seemed to sync with others I talked to, who predict shifts in ransomware, including how attackers will target victims, who they’ll target, and the role IoT will play in ransomware, both as an attack vector and attack target.
But there were also some different perspectives about ransomware. For example, although a Kaspersky Lab report from December called ransomware the “Story of the Year,” with reports of a ransomware attack hitting every 40 seconds, the company’s Hacking America: Cybersecurity Perception study revealed at RSA found that consumers don’t want organizations to give in to attackers, at least not for everything. For instance, the study found that two in five don’t expect companies to pay the ransom for most lost data, but nearly half said absolutely pay to recover Social Security numbers and banking information.
And not everyone agrees that ransomware is as rampant as we’re led to believe. As eSecurity Planet reported:
In a recent blog post from the Microsoft Malware Protection Center, the software giant's security experts noted that "after peaking in August, when 385,000 [ransomware] encounters were registered, ransomware encounters dropped almost 50 percent in September, and it has continued to decline."
I think we’re watching an evolution of ransomware that includes changes in how it is administered and how we react to it. Bottom line, I believe that we will see new targets and new tactics but I think we are increasingly better prepared for such attacks. And when they aren’t generating the income, hackers will move on to the next idea.
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba