Ransomware is terrifying — there is no denying that. Anyone who has suffered a ransomware attack can attest to the confusion, the horror, the anxiety, and the exhaustion associated with this particularly vicious type of malware. In 2017, dozens of varieties of ransomware hit the web, many of them causing immensely expensive shutdowns of organizations across the U.S. and Europe. Months ago, experts were predicting decades more of the same type of attack and advising everyone how to respond to survive the era of ransomware.
Yet, the hubbub about ransomware has seemed to die down as swiftly as it arose. These days, the hottest cyberthreats are cryptocurrency miners, which use malware-like methods to infiltrate computers and then hide in the background, draining graphics cards and processors of power and running up energy bills in the name of generating digital money like Bitcoin, Litecoin, and Monero. So, is ransomware still a threat to consumers? Was ransomware a passing fad, or do device owners need to remain vigilant?
Ransomware Isn’t as Profitable as They Thought
Initially, it seemed that ransomware was a win-win for cybercriminals. First, they win by gaining access to victims’ machines and networks, allowing them to pilfer all sorts of valuable data that they can later sell or otherwise utilize for financial gain. Then, cybercriminals win again by alerting victims to the threat and tricking or forcing them into paying sometimes exorbitant fees for the return of their devices. On a large scale, this crime could be exceedingly lucrative.
However, despite several sweeping ransomware attacks, few cybercriminals dealing in this malware have come away immensely wealthy. In 2017, WannaCry caused the entire healthcare system of the U.K. to shut down, crippled Spain’s gas and telecom companies, and aggrieved hundreds of other businesses and institutions around the world. Yet, a year later, the malware has still not cracked $100,000 in income from ransoms. Though some less famous ransomware attacks netted greater profits — such as CryptoWall, which brought in $325 million for its criminal masterminds — most people can recognize a ransomware attack and know not to pay the requested sum. Plus, advanced PC protection software is becoming more adept at recognizing ransomware threats and preventing the malware from reaching machines in the first place. Thus, most cybercriminals once enamored of ransomware techniques are looking for bigger and better methods of cyberattack.
Ransomware Lingers On, Threatening Data
That’s not to say that ransomware has disappeared — or even that it will ever disappear completely. Like phishing, like Trojan viruses, and like so many other antiquated types of cybercrime, ransomware will almost certainly carry on, afflicting fewer and fewer web users but remaining a persistent threat.
There are several reasons for the perpetuation of ransomware, such as:
- Laziness. Ransomware technology already exists, so lazy cybercriminals don’t need to work hard to develop new methods of launching attacks; instead, they can repackage old ransomware and let it loose, collecting occasional ransoms as easy income.
- Victims. There is no shortage of victims of ransomware attacks. Historically, ransomware has targeted healthcare providers, government entities, education institutions, and similar high-profile groups because their data is most valuable. Because healthcare, government, and education will not disappear soon, ransomware attacks are likely to continue, if on a smaller scale.
- Vulnerability. Software and hardware vulnerabilities are becoming rampant as developers rush their products to consumers in this incredibly competitive market. Unfortunately, vulnerabilities allow ransomware (and all cyberattacks) a greater chance of success.
Ransomware is likely to stick around, though it might not look exactly the same because…
Ransomware Will Continue Evolving
Currently, infosec professionals know intimate details about existing ransomware, and the media has been relatively effective at spreading information to consumers. Floating around the web at this very moment are dozens of variations of two types of ransomware: locker and encryption. Locker types change users’ passwords, hide files, and otherwise make data difficult for users to reach; encryption types use advanced encryption algorithms to make data utterly unreachable until the ransom is paid. The latter is more difficult to recover from, but both types might be obsolete in a matter of months.
Ransomware, like any other cyberthreat, can evolve, adapting to security measures designed to guard against it. Already, ransomware has made a huge leap, using IoT and mobile devices to reach larger, less secure audiences. In the future, ransomware might use emerging tech, like blockchain, to steal data and money. There is no telling what the future will hold for cybersecurity, but all web users are likely to see newer, more terrifying forms of ransomware in the coming years.