Predictions for the future
As this decade comes to a close, people are both reflecting and looking forward. Looking back, we’ve seen ransomware grow exponentially and become much more than just a nuisance. But where is it going?
Opinions by security experts are as diverse as the threats themselves. Most agree that we will continue to see an increase in the number of both attempted and successful attacks in the new year. Public and private sectors are both in danger, but there’s also an emphasis on the personal as well.
I’ve read research suggesting that mobile devices, especially Android, are going to be the next big wave of attack for cyber criminals.
Another huge threat looming on the horizon, although thankfully not yet seen, is the advancement of Artificial Intelligence (AI) ransomware. The idea of a ransomware strain that could learn and grow as it infiltrates systems is nightmare all in itself.
Will phone hacking be the wave of the future?
While talking with one of my co-workers at PC Matic about the future of ransomware, he pointed out that Android in particular has been out for a long time. The developers are constantly working to patch security holes and include new features (this is why you should be authorizing those software upgrades as soon as you can!)
And while there is definitely a possibility of hacking, there’s always your cloud backup. “People lose and break phones more than computers,” he said. Which is a good point. I know that in the past 5 years I’ve had 2 laptops, but 4 phones. While the physical device has changed, my cloud backup has always brought back my content.
“Couldn’t a cloud backup be infiltrated and encrypted?”
“The companies hosting this data are pretty sophisticated,” was another great point of his.
Perhaps we will see an increase in phone ransomware, as other security experts have suggested. If you keep on your security upgrades and cloud backups, however, the damage could be much less than it has to be.
No AI ransomware… yet
While there are whisperings of what could happen if a strain of ransomware is invented using AI, we haven’t seen any yet. That’s not to say it isn’t possible. Security companies are scrambling to integrate AI into their offerings.
The problem with AI integration into the majority of current antivirus (AV) solutions is that they’re still using blacklist technology and struggling to keep up with new threats. If you’re a regular reader here, you know that PC Matic recommends whitelist technology, and we’re not the only ones.
The National Institute of Standards and Technology has published a special publication Guide to Application Whitelisting. Additionally, they recommend application whitelisting as the only way to go in modern malware defense.
Without a proactive approach to security like application whitelisting, the idea of new and threatening malware, including the ever growing ransomware epidemic, can be down right scary.
What to do
Information is your best defense. Being informed, double checking suspicious activity, understanding how your network, systems, machines, and AV all work, and being vigilant is the best way to brace yourself and your company against new attacks. As we see more cases like what happened last week in New Orleans, we have to remind ourselves that we can’t afford to be lax on security.
For a list of ransomware attacks that have already taken place in 2019, you may click here. We have also created a map, see below, of the ransomware attacks that have taken place in the U.S.