• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Industry News   »   Ransomware one of the biggest threats in 2016

Ransomware one of the biggest threats in 2016

  • Posted on:January 8, 2016
  • Posted in:Industry News
  • Posted by:
    Noah Gamer
1
Ransomware is going to become an even bigger problem this year.

With a new year comes new ways for hackers to attempt to gain access to personal data. For 2016, the oncoming threats are older malware wearing new robes, so to speak, and companies are going to have to find new ways to improve cyber security. One of the ways hackers can infiltrate systems is via the use of ransomware. This is a malicious program that locks up a device until an amount of money, usually in Bitcoin, is paid to the perpetrator of the hack.

According to Security Magazine, the number of ransomware attacks is predicted to increase in 2016. More than 4 million samples of ransomware were identified in the second quarter of 2015, indicating an upward trend, as in the third quarter of 2013, fewer than 1.5 million samples were analyzed. It follows that as 2016 progresses, that number is only going to up. For instance, The Atlantic recently reported on a string of attacks that impacted small police departments in Massachusetts, Tennessee and New Hampshire, where hackers extorted $500 to $750 for the departments to regain access to their critical, encrypted data.

Trend Micro's analysts also predicted that ransomware would see an increase in the coming year. It's especially important to note that as the world becomes more connected with the rise of the Internet of Things, this gives hackers an even wider avenue of attack.

The problem with ransomware

These kinds of malicious programs are getting sophisticated. When ransomware first started appearing, it would include an alarming message telling the user that his or her computer had been infected and would need to be wiped clean with a (fake) anti-virus software, according to The Atlantic. Now, however, those first-generation attempts at ransomware seem tame in comparison to the monsters of today.

Late last year, researchers at Trend Micro reported on the Chimera crypto-ransomware, which encrypts files and threatens to release them to the Internet if the ransom isn't paid. Not only is access to the computer restricted, but the user believes that personal data could potentially spread to the wind if he or she doesn't pay the Bitcoin amount. Trend Micro's analysis showed that despite this threat, the program doesn't actually have the ability to disseminate personal information in this manner. However, the general computer user doesn't know this – which gives him or her more incentive to actually pay the requested sum.

Ransom32

Already this year, ransomware attacks have been rampant. The Register reported in early January about a new form of what is now being called "ransomware as a service." The program, called Ransom32, uses AES encryption with a 128-bit key to lock up files and extort Bitcoins from unsuspecting users. The timeline given is four days, at which point, if the payment isn't made, the price of decryption will increase to 1 Bitcoin, or $350 according to the ransom message.

Ransom32 has so far only been reported on Windows machines. It was created using Javascript, which marks a difference between this and other ransomware. An underlying NW.js application is the driving force behind the program.

"NW.js allows for much more control and interaction with the underlying operating system, enabling JavaScript to do almost everything 'normal' programming languages like C++ or Delphi can do," said Emsisoft's Fabian Wosar.

Ars Technica's Sean Gallagher noted that Ransom32 is different from other malware of the same vein. The ransomware-as-a-service aspect of this code marks the biggest deviation from the norm, as it is being peddled to would-be hackers as a complete package. In other words, instead of having to develop their own malicious code, less tech-savvy cyber criminals are able to purchase a program with which to inflict these kinds of problems. The sellers of this service simply ask for a percentage of the profits and for an upfront purchasing fee.

This makes the problem of ransomware even more important, because this means more instances can be created and used by inexperienced hackers. The aforementioned predicted increase in these types of attacks becomes increasingly clearer – because of the wider user base of these ransomware-as-a-service programs.

What can be done?

How do companies and individuals protect themselves from these types of malware? It's crucial to invest in the right kind of security solutions so that ransomware like Chimera and Ransom32 don't infiltrate systems and cause irreparable damage to machines and reputation alike. In order to protect computers and data from attacks like these, businesses and personal device users should first educate themselves about the malicious programs that are out there – and then invest in threat protection solutions that can make a difference in the level of protection these personal and business machines have.

As ransomware looms large on the horizon for 2016, security software solutions like Trend Micro Security offer the right kind of protection for individuals and businesses. Contact Trend Micro today for more information.

Related posts:

  1. The biggest cyber threats for the rest of the year
  2. The biggest ransomware threat could be in your pocket
  3. 2017’s Biggest Threats and What CISOs Can do to Mitigate Risks in 2018
  4. Ransomware Updates: Newest Threats, Protection Best Practices

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Fujitsu and Trend Micro Demonstrate Solution To Secure Private 5G
  • Trend Micro Receives 5-Star Rating in 2021 CRN® Partner Program Guide
  • Smart Factory Cyber Attacks Knock Out Production for Days
  • Eliminate Hesitations: Security Simplified For Those Building In The Cloud
  • Nuffield Health Depends on Managed XDR with Trend Micro Vision One
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.