Security in 2017: Ransomware will remain king
 
Posted December 14, 2016 by Malwarebytes Labs
 
2016 was the year of ransomware, with hackers focusing their attention on
exploiting Internet users and businesses around the world for profit. According
 to the FBI, cyberextortion losses have skyrocketed and ransomware was on track
 to become a $1 billion a year crime in 2016.
 
Our research shows no sign of this security nightmare slowing down in 2017.
Hackers are becoming more advanced, and ransomware remains an incredibly easy,
lucrative way for them to make money. Unfortunately, the security community has
 only started to develop defenses that can protect Internet users from
ransomware.
 
With the new year around the corner, security researchers at Malwarebytes Labs
have compiled a list of predictions that encompass what new ransomware threats,
 developments, and opportunities they expect consumers and businesses will face
 in 2017.
 
Ransomware will become personal.
 
 Most ransomware attacks today are indiscriminant. For the most part, cyber
criminals issue ransomware at random, hitting anyone and everyone that they
can. However, it's increasingly likely that targeted ransomware attacks will
become the new norm. If an attacker can recognize the difference between an
enterprise and a consumer target, they will be able to adapt their ransom
demands to match their victims. The intentions of attacks are also likely to
become more personal. In addition to encrypting files, ransomware attackers
will soon be threatening to post data or information on social media, or to
expose it in an equally destructive way. As with most cyber attacks, ransomware
 will grow to take advantage of more human vulnerabilities.
 
Ransomware protection will become an investment.
 
Until this past year, companies and consumers had few solutions available to
them to help detect and fight ransomware. Security researchers have been
working hard to find decryptors of specific ransomware types so that they can
effectively protect against them in the near future. However, when a ransomware
 descriptor is recognized, ransomware authors often tweak their attacks to
avoid detection. As this cat and mouse game between security researchers and
ransomware creators continues, more security vendors will debut anti-ransomware
 protection offerings. In fact, we predict that by the end of 2017 at least 50%
 of security companies will release some sort of ransomware detection and/or
prevention software. Companies and consumers will both find themselves
investing in new anti-ransomware security software in 2017.
 
Password managers will become a huge target.
 
In 2017, password managers, digital vaults where users store passwords and
other authentication data, will become a huge target for cybercriminals. In
fact, just last month, it was revealed that Apple's new iOS 10 operating system
 has a potential security hole that could help hackers get access to passwords
and other sensitive information. Hackers are apparently able to infiltrate
Apple's Keychain password manager. For a hacker, breaking into a network such
as this can be incredibly fruitful. The top password managers are likely to
find themselves under attack in 2017.
 
Attackers will pick pocket the digital wallet.
 
With the growth of financial and budget planning applications; increased
pervasiveness of new payment methodologies such as Apple Pay adding new
wrinkles (such as making online payments through the phone); and the growing
pervasiveness of cryptocurrencies (like Bitcoin, Litecoin, and Peercoin), there
 will be increasing attacks against applications, plugins, digital wallets, and
 the companies holding authentication data allowing access to these digital
currency streams. With the incremental adoption of each of these technologies,
the potential windfall from a dedicated attacker increases. Soon it will be
more than enough to attract organized criminals who previously flocked to the
banking Trojans of the past. In fact, the first attacks may evolve from the
original Zeus source code, the granddaddy of banking Trojans.
 
A new exploit kit will emerge as the top dog.
 
In recent months, we have witnessed several trends that hint that existing
malware attacks are going "back to the basics." For example, there has been a
rise in the spread of malware attacks through email and phishing, while more
sophisticated malvertising and exploit kit attacks have decreased. Companies
and consumers have figured out how to block Java and Flash and are moving to
HTML5, making it harder for the existing exploit kits to succeed in deploying
malware through malvertising.
 
Since Angler EK disappeared in June 2016, several other exploit kits have been
battling for the top spot. An underdog, RIG EK is now positioned to be the new
leader, but it still relies on older vulnerabilities, all of which are easily
prevented today. This opens up a massive opportunity for a new, sophisticated
and dangerous exploit kit to emerge in the next year.
 
Malware will become engrained in tech support scams and attacks will increase,
globally.
 
Tech support scams (TSS) have become incredibly advanced and dangerous over the
 last few years and most recently we have witnessed TSS deploying malware, and
even extortionware. In 2017, TSS attackers will dive into this benefit
headfirst and leverage the malware threat landscape more than ever before.
 
The IoT will thrust DDoS attacks into a new era.
 
In 2017, the Internet of Things (IoT) will perpetuate an evolution in how DDoS
attacks are orchestrated. In September of 2016, we saw a DDoS attack like never
 before. Security blogger Brian Krebs found himself under attack by the biggest
 DDoS attack ever recorded, and sources emphasized that CCTV cameras wired to
the Internet and other unsecured connected devices were leveraged by attackers
to orchestrate the attack. Based on the sheer volume of devices that we have
connected to the Internet today, the very real challenge of not being able to
update or secure their firmware and the ease in which these devices can be
identified using both general (Google) or specialized (Shodan) search, the
possibilities for DDoS attackers have exploded. We anticipate that we will see
increasing attacks like the one that targeted Krebs, perhaps even targeting
critical infrastructure such as the power grid or government communications
 
Security will be the #1 priority for the boardroom.
 
In 2017, we anticipate that more security professionals will be asked to join
company boards. The need to have someone technical with a background in
security on your board is currently at an incredibly hire premium-across all
industries. This will only continue to grow over the next year, as we continue
to watch it evolve as one of the top business and political priorities of our
age.
 
 
Regards,
 
Roger

--- DB 3.99 + W10 (1607)
 * Origin: NCS BBS - Houma, LoUiSiAna (1:3828/7)