Ransomware seems to be everywhere. We know it is a hot topic among security experts, and it seems that any security incident that isn’t a big-time data breach is a case of ransomware.
But, would it surprise you that in 2016, the so-called Year of Ransomware, ransomware attacks made up only less than 1 percent of malware attacks? That’s what Ken Dwight, aka “The Virus Doctor,” told me during a conversation at last week’s Spiceworks’ SpiceWorld conference.
Dwight and I sat down to discuss the trends that he has been seeing in ransomware, and he immediately wanted to set the record straight: Ransomware is bad, but the media may be overblowing its impact. I admit that I was surprised that ransomware was so low on the malware totem pole, considering how much visibility that it has.
However, Dwight said, that doesn’t mean we shouldn’t be talking about it. It is a serious problem that creates havoc for organizations that are most targeted, like health care. And, although he doesn’t have exact numbers, Dwight said ransomware attacks are increasing.
So what are the trends that Dwight is seeing in ransomware? Here are the ones that most stood out to me:
- Bad guys are getting smarter in figuring out how to bypass security systems. This is not surprising. Across the board, bad guys are smarter about beating security. After all, any tools that are out there for organizations to mitigate attacks are available for criminals to use to circumvent protection.
- They are doing a much better job of specifically targeting ransomware. Like phishing attacks have become more targeted to individuals and groups, ransomware attacks are targeted to certain industries rather than sending out random attacks. In addition, because they know who they are attacking, the criminals are individualizing ransoms.
- Tech skills aren’t necessary. Developers are selling source codes and exploit kits dirt cheap (originally, they cost thousands of dollars and now just cost $25 or so). The hard work has been done for them; now it is a way to make money.
- Malvertising is becoming a popular infection vector for ransomware. Unsuspecting users go to legitimate and respected websites, only to be the victim of a drive-by ransomware attack thanks to infected ads.
There is a bit of good news trending, too, Dwight told me. Good guys are getting better at developing decrypters to address ransomware infections, and ransomware is raising our overall intelligence about malware and how to deal with it.
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba