3 easy predictions for ransomware in 2020

As the new year quickly approaches, cyber criminals are once again preparing to attack individuals and especially businesses. Their attacks will be more sophisticated and even better at extracting money from you. We make three easy predictions for the next year and urge you to be prepared:

via Liveuamap

Ransomware Petya in action (via Liveuamap)

1. Ransomware authors will innovate, too.
We are all in awe of the possibilities new technologies like machine learning, big data, the growing number of CPU cores and GPU acceleration bring. So are malicious hackers – expect them to pick up on these technologies. A major way will probably be through improving phishing techniques, improving targeted emails through artificial intelligence (AI) for example. That will allow them to avoid getting caught in spam filters and improve hit rates on victims. And faster encryption on modern multi-core CPU and GPU systems will make it even harder to detect and stop ransomware before it is too late.

2. Targeting will improve
Focusing on business targets has resulted in a massive increase in income from ransomware over the last years and there is no way this trend will reverse. Sadly, there are still countless businesses out there that have not taken many precautions and there is a lot of money to be made. Insurance companies are actually playing a key role here, as they pressure businesses to follow best practices to avoid having to pay out. But keep in mind that an insurance does not fully cover the massive costs of a ransomware attack in terms of lost time and data. They might pay off the attackers but do you really think any insurance covers the lost revenue due to your sales people being unable to work or the time lost fixing the computers of your employees?

3. Unknown exploits become more used
The increasing revenue from ransomware means its authors are more motivated and financially capable to acquire valuable, zero-day exploits. Theft of government-created exploits in the past has already shown one way this can affect even perfectly up-to-date systems and the rising value of exploits on the open market will result in more attacks like that.

All this means prevention will only go so far: recovery will become more and more important. That is, backups, and of course easy, powerful tools like Nextcloud’s unique Ransomware Recovery mechanism which can automatically recover all ransomware-encrypted files after an attack.