The Rise of Ransomware in the New Normal

Last year ransomware made a comeback, as worldwide mobile operators made aggressive strides in the transformation to 5G, and GDPR achieved its first full year of implementation. The industry saw some of the largest fines ever given for massive data breaches experienced by enterprises. As the spike in demand for ransomware-as-a-service tools in underground forums, coupled with the anonymity offered by the dark web, the surge in these types of cyberthreats should not be a surprise.

This year ransomware will continue to garner more international attention as a host of the not new, like the continued rash of DDoS attacks on government entities and cloud and gaming services, to the new and emerging.

Growth of ransomware

One reason for ransomware attacks gaining widespread popularity is because they now can be launched even against smaller players. Even a small amount of data can be used to hold an entire organisation, city or even country for ransom. The trend of attacks levied against global cities and governments will only continue to grow.

Below I can share three new strains of ransomware types introduced:

Modular or multi-levelled/layered ransomware and malware attacks will become the norm as this evasion technique becomes more prevalent. Modular attacks use multiple trojans and viruses to start the attack before the actual malware or ransomware is eventually downloaded and launched. 70 percent of all malware attacks will use encryption to evade security measures (encrypted malware attacks)

It is no surprise that cyber security skills gap will keep on widening. As a result, security teams will struggle with creating fool-proof policies and leveraging the full potential of their security investments.

Slow adoption of new encryption standards

Although TLS 1.3 was ratified by the Internet Engineering Taskforce in August of 2018, we won’t see widespread or mainstream adoption: less than 10 percent of websites worldwide will start using TLS 1.3. TLS 1.2 will remain relevant, and therefore will remain the leading TLS version in use globally since it has not been compromised yet, it supports PFS, and the industry is generally slow when it comes to adopting new standards. Conversely, Elliptical-curve cryptology (ECC) ciphers will see more than 80 percent adoption as older ciphers, such as RSA ciphers, are disappearing.

Decryption: It’s not a choice any longer

TLS decryption will become mainstream as more attacks leverage encryption for infection and data breaches. Since decryption remains a compute-intensive process, firewall performance degradation will remain higher than 50 percent and most enterprises will continue to overpay for SSL decryption due to lack of skills within the security teams. To mitigate firewall performance challenges and lack of skilled staff, enterprises will have to adopt dedicated decryption solutions as a more efficient option as next-generation firewalls (NGFWs) continue to polish their on-board decryption capabilities.

Cyber-attacks are now the new norm. Each year brings new threats, data breaches and operational challenges, ensuing that businesses, governments and consumers must always be on its toes. With the transformation to 5G mobile networks and the dramatic rise in IoT, by both consumers and businesses, the potential for massive and widespread cyber threats expands exponentially. Let’s hope that organisations, as well as security vendors, focus on better understanding the security needs of the industry, and invest in solutions and policies that would give them a better chance at defending against the ever-evolving cyber threat landscape.