How to tackle extortion attacks in 2016

Ransomware has been one of the most lucrative businesses for cybercriminals – and a major pain for end-users and businesses – for the past couple of years.

At first only the Windows operating system was targeted, but the status quo changed when Linux and Android ransomware samples started claiming victims. While security experts agree it was bound to happen, this diversification can only bring forth a 2016 that’s scary for the average internet user and profitable for malware developers.

The Leap towards Extortionware

Among Bitdefender’s predictions for 2016, ransomware is not only a top concern, it will also change the way we perceive personal data. If until now it simply encrypted data and demanded payment for unlocking access to critical information, in 2016 it will move towards extortionware by threatening to also post all accessed data online.

Consumers who choose not to pay can always recover their data online once it’s posted. However, for businesses and large companies that get hit, this might not be a viable option. While personal files, such as photos or documents, might be sensitive to the average user, companies would be far more impacted by having critical and potentially confidential data posted online.

Consequently, because victims face public shaming for slack security coupled with a crippled company reputation, extortionware might be a far more profitable business for cybercriminals when targeting SMBs.

Linux.Encoder is Just the Beginning

The new Linux ransomware, dubbed Linux.Encoder, has been affecting web servers for the past couple of months. It is still in its infancy, and the three variations – Linux.Encoder1, Linux.Encoder2 and Linux.Encoder3 – are flawed: security researchers from Bitdefender have managed to crack the encryption and provide a free Linux.Encoder decryption tool for any infected victim.

The truly scary part about Linux ransomware is that the internet is based on Linux-powered web servers that sometimes host more than one website. If an unpatched Linux web server is exploited and infected with Linux ransomware, all hosted websites could be affected. It’s therefore entirely likely that, if an unbreakable Linux.Encoder distribution is created, the damage could be catastrophic.

Android Ransomware Upping the Game

Although current Android ransomware has focused on locking the device’s screen or only encrypting information on external memory cards, the new techniques will not only make it more persistent but also more difficult to dodge.

In terms of malware, the Android operating system has been slowly emulating the behaviour of Windows threats, with ransomware among them. While currently removing a ransomware infection could be handled with a “Restore to factory settings” even with some really persistent threats, future ransomware capabilities could negate this option.

Experienced ransomware developers will make it increasingly difficult for end users to recover their device’s functionality, either by making it extremely hard to access “Safe Mode” features or by successfully encrypting on-device data.

Is there Ransomware Protection?

Security experts argue that the best defence against ransomware lies in combining a security solution with an efficient offline back-up mechanism and increased user awareness. While these are indeed viable solutions, Bitdefender has also recently introduced anti-ransomware technology in its consumer products that can help protect documents, files and even photos from being encrypted.

For instance, if a computer gets infected with an unknown variant of ransomware, this anti-ransomware technology will prevent the malware from encrypting files stored in “My Documents”, “My Videos”, or “Pictures”. Of course, users can also add their own custom directory to protect with the same technology.

Additionally, it’s highly recommended that all installed software – along with your operating system – be updated with the latest security patches to avoid having it exploited through unpatched vulnerabilities.

This article is brought to you in association with Bitdefender.

