According to cybersecurity firm Bitdefender, ransomware is now estimated to be a $2 billion a year business. At the start of 2016, it was already a billion dollar business, but thanks to WannaCry, NotPetya, and the thousands of other ransomware attacks across the globe, revenues have doubled.

What does that mean for ransomware in 2018? Unfortunately, it shows no signs of stopping. Bitdefender says ransomware developers are experimenting with targeting the GPU (Graphics Processing Unit) instead of the CPU (Central Processing Unit) of the computer, meaning file encryption could be completed much faster. Forrester also predicts that ransomware in 2018 will target IoT systems (most of which have incredibly weak security) and mission-critical POS systems. With the average price to unlock files skyrocketing from $410 in early 2016 to $1,000 today, criminals have a much higher potential payday against businesses, and attacks against businesses tripled in 2017.

How to protect yourself

First of all, beware of links sent in emails, and keep your anti-virus and firewalls up to date. Some cybersecurity firms also offer special anti-ransomware tools to block malicious downloads and exploit kits. However, phishing emails continue to be the most popular delivery method for ransomware, so it’s extremely important to be cautious about opening and clicking on any attachments. There are 160 distinct families of ransomware currently known, with one in six emails now containing ransomware. There’s only so much that anti-virus or anti-malware products can do to keep up, which is why human vigilance is more important than ever.

It’s also important to keep several copies of your files in different locations and different networks. It’s not enough to have a single backup of your files on the same network as your production data. Ransomware has evolved to spread across a network and infect everything on it. Remember the 3-2-1 rule: Three copies of your data, in two different locations, with one offsite. This will help ensure that your data integrity remains intact even if your files are held hostage.

If you’ve been infected, try to avoid paying the ransom if at all possible. It’s not always possible, but security researchers and the FBI recommend not paying because it helps dissuade further attacks, and because payment doesn’t always guarantee a safe return of files. In fact, fewer than half of the victims who pay up recover any files. See the following resources if you or your company have been hacked.

  1. How to recover from a ransomware attack
  2. FBI ransomware prevention and response for CISOs
  3. Decryptor tools from TrendMicro and Kaspersky Labs

Ransomware is a great way for criminals to make money, and they’re only going to refine their attack methods to ensure even more success in 2018. Stay on the alert as we head into the new year.

More ransomware resources

Looking for more ransomware resources? Check out the following:

What is ransomware, and how do you protect against it? Ransomware has been rising at an “alarming rate,” according to security researchers, with a 3,500 percent increase in criminal use of net infrastructure that helps run ransomware campaigns.

Ransomware in healthcare: What you need to know: Ransomware was officially a billion dollar crime in 2016, with more than 4,000 attacks since Jan. 1 and at least 25 variants of ransomware discovered.

Breaking down the WannaCry ransomware attack: Companies across the globe are still reeling and recovering from the global ransomware attack known as WannaCry on Friday, which took down tens of thousands of machines in 150 countries, including Britain’s National Health System.

How does Ransomware as a Service work? Ransomware has made headlines time and again for its devastating effectiveness on governments and organizations, but researchers are starting to pay attention to a developing trend within ransomware: Ransomware as a Service (RaaS).

6 best ransomware resources on the web: Ransomware has exploded in popularity during the past two years, with the number of identified families growing 400 percent since 2015.

What is Malvertising? Malvertising, a portmanteau of “malicious” and “advertising,” has quickly become popular with bad guys everywhere. Its first appearance was detected in 2007, and it’s been on the rise ever since.