"Ransomware, the threat that seemed to smash all other cybersecurity topics in 2017, is still evolving by the day, and experts said companies should expect more sophisticated attacks in the new year.
Highly targeted phishing attempts, possibly powered by artificial intelligence; greater risks to shutting down industrial operations; and an increasing regulatory burden on preventing ransomware attacks are all part of the picture companies will need to consider in 2018.
The evolution of ransomware campaigns has led to extraordinarily targeted phishing techniques that are only getting more precise, said Steve Bunnell, co-chair of the data security and privacy practice at law firm O’Melveny & Myers LLP.
Justin Fier, director of threat intelligence and analysis at cybersecurity company Darktrace Inc., said he expected an increase in targeted phishing in 2018 due to the criminal use of artificial intelligence.
“In 2018, we will start to see the emergence of sophisticated threat-actors harnessing AI,” he said. “Imagine a highly sophisticated piece of malware that leverages AI to mimic writing styles, review appointments, and send ‘directions’ for an upcoming meeting to the victim.”
In addition, Mr. Bunnell said: “The consequences of not being prepared are increasing,” including regulatory implications from the EU’s General Data Protection Regulation, which goes into effect in May.
The GDPR puts stricter requirements around how soon and under what circumstances companies will need to report breaches. Depending on the nature of a ransomware attack, companies may not know immediately whether data held for ransom is, technically, in the hands of criminals, making it more difficult for companies to know if the offense needs to be reported to regulators.
Overall, given its explosion in 2017 and low overhead for criminal groups, Mr. Fier said, simply, companies should expect they will be targeted by ransomware next year: “No company is out of scope for malicious intent, even if they think they have nothing worth stealing.”
Ransomware Gangs Are Moving From Bitcoin to Litecoin
Due to high Bitcoin transaction fees, ransomware crooks are moving to Litecoin, where transaction fees are much lower. Tripwire blogged on December 26th about the future of ransomware in 2018 and the technical details driving that development. And oh, you might want to have a few Litecoin in a wallet somewhere, just in case.
Tripwire's Upshot: The ransomware attack surface is getting increasingly pervasive in 2018 and beyond and reaching into all facets of our connected life.
What to Do About It
"There is no way to completely protect yourself from this ransomware. If you are online, you are vulnerable and may at some point encounter it. Implementing a 3-pronged approach of Educate, Secure and Backup to tackling this issue head-on is probably the optimal strategy:"
Here is what they said about education:
"Educate: If you run a business, your employees are your most vulnerable parties and those most likely to cause infection. But they are also your [last] line of defense. Education on ransomware and other viruses is not just a one-off workshop; it’s a continually reviewed and reinforced strategy that seeks to update everyone on the latest threats."
We could not agree more. And how are the bad guys going to do this?
Google's new text-to-speech AI is so good we bet you can't tell it from a real human anymore; just listen to these samples. The next frontier in highly scalable social engineering: direct phone manipulation by an AI. Yikes.