• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

WatchGuard 2016 Security Predictions: #1 Ransomware

December 3, 2015 By Corey Nachreiner

At the end of each year, WatchGuard’s security team and I like to spend some time imagining what the threat landscape might look like the upcoming year. This not only gives us the opportunity to analyze the security trends we’ve followed over the past year, but also allows us to creatively extrapolate what might happen next. Though our predictions don’t always hit dead on, they’re based on very real security trends, which means they can help you prepare your defenses for 2016’s upcoming threats.

This year, I’ve come up with ten predictions covering a wide variety of security threats and trends that will impact many organizations. As 2015 comes to a close, let’s explore some of the new security threats we may see in the coming year. I’ll release one prediction a day for the next ten business days. Here’s the first of WatchGuard’s top ten new security predictions for 2016.

WatchGuard Security Prediction #1 – Ransomware Comes Looking for Your Droids

The first prediction focuses on ransomware, which has really taken off over the past three years. Ransomware has evolved from relatively feeble policeware variants like Reveton to extremely effective cryptoware samples like Cryptolocker and Cryptowall.

Prediction video link: https://www.youtube.com/embed/5SVYwyDWQ9U

Unfortunately, these new strains of file encrypting malware are so good at their evil jobs that many victims have paid the ransoms. FBI agents have even gone on record recommending victims pay up.  Our acquiescence to this cyber ransom will only ensure that victims continue paying up in 2016. Proving to cyber criminals that this practice works, so expect them to up the stakes and continue refining their cryptoware techniques next year.

We expect the evolution in two main categories:

  • Targeting of wider platforms – Right now, ransomware primarily targets Windows victims. We’ve seen Mac, Linux, and Android samples, but those haven’t had much success yet. Next year, we expect this will change, and that cyber criminals will make very effective ransomware for alternate platforms; especially for Android mobile devices and Mac laptops.
  • Refinement of the extortion techniques – Now that cybercriminals have figured out victims are willing to pay for lost files, we suspect they’ll start to develop nasty new methods to tighten the screws on victims. Next year, expect them to target specific business files or other critical information. For instance, in the past they’ve encrypted web server files to temporarily take down a web server. Yet, imagine if they targeted password managers, thus preventing you from logging on to anything, or worse yet, if they targeted the SCADA systems used to run critical infrastructure. We also think they’ll up their psychological pressure by threatening to release your embarrassing files to the public or by harming your reputation in some other way.

In short, Crypto ransomware will get even worse in 2016, and will become more effective at stealing millions from Android and Mac users as well.  Visit our WatchGuard security predictions site to see a new daily security prediction over the next ten days.

— Corey Nachreiner, CISSP (@SecAdept)

Share This:

Related

Filed Under: Uncategorized Tagged With: email, Hacking, Infosec news, Malvertising, online scams, Phishing, Software vulnerabilities

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • US National Cybersecurity Strategy
  • Here Come The Regulations
  • Cybersecurity’s Toll on Mental Health

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
  • US National Cybersecurity Strategy
  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use