Next year, targeted ransomware campaigns will focus on utilities and industrial control systems (ICSs). The average payment demand will increase by 6500 percent, from an average of $300 to $20,000 per payment. These attacks will result in real-world consequences like blackouts and loss of access to public utilities.
Ransomware has plagued the internet over the past five years, starting with CryptoLocker, the first really successful crypto-ransomware, and culminating with WannaCry, the first fast-spreading ransomworm. During these past years, cyber criminals have blasted out broad ransomware campaigns at everyone, looking to infect as many victims as possible while asking each for a relatively meager ransom.
However, over the past year hackers have shifted to targeted attacks that come with bigger payouts. Launching ransomware against organizations that offer critical services increases the odds that the ransom will be paid. Forty-five percent of all ransomware attacks in 2017 targeted healthcare organizations, like the NHS in the UK. In 2016, the Hollywood Presbyterian Medicare Center paid a $17,000 ransom to regain control of their computer systems, and other major ransomware attacks hit MedStar Health and dozens of others. Many U.S. cities were also hit with ransomware in 2017 and 2018, including Baltimore and Atlanta.
In 2019, cyber criminals will target public utilities and ICSs. These are vital services that have not yet been targeted by widespread ransomware attacks and therefore may not be as prepared for this type of attack. Cyber criminals know that any ransomware that can cause downtime to these services will get swift attention, allowing them to ask for considerably more money in return. This has the potential to cause blackouts and gaps in water and power services if these attacks are successful. To summarize, expect to see fewer ransomware attacks next year, but more focused attacks – specifically targeted towards utilities and ICS – with ransom demands increasing by 6500 percent.
What can be done? Fortunately, organizations looking to avoid these types of attacks can leverage UTM platforms with layered antimalware capabilities like AI-enabled detection, behavioral analysis and ransomware defense. WatchGuard security services like Gateway AntiVirus, IntelligentAV, APT Blocker and Threat Detection and Response combine to offer industry leading protection for advanced threats like ransomware.
Can’t wait to see what other emerging threats and security trends might surface next year? Watch a special video edition of The 433 – Security Simplified podcast or read the full list of WatchGuard’s 2019 Security Predictions.