So, remember ransomware? Holds your precious data hostage and won’t give it back unless you pay the cyber crooks who stole it in the first place, that whole deal? Well get ready – unfortunately, that was just the warmup. Security experts are predicting the next stage of ransomware to be even worse – ransomware 2.0, if you will.
In an article by CSO, Scott Millis, CTO at mobile security company Cyber adAPT, states that he expects ransomware to “spin out of control” in 2017. Not great news for partners. How could it possibly get worse than it already is? Especially considering that there were more than 4,000 ransomware attacks daily in 2016, according to Symantec’s 2016 Internet Security Threat Report.
Corey Nachreiner, CTO at WatchGuard Technologies, predicts that 2017 will see the first ever ‘ransomworm,’ which basically allows ransomware to spread faster. Nachreiner says that cybercriminals will likely mix ransomware with a network worm, hence the name. A few years ago, network ‘worms’ such as CodeRed, SQL Slammer and Conficker were commonly used. Hackers would rig and exploit network vulnerabilities to cause malware to automatically spread itself over networks.
“Now, imagine ransomware attached to a network worm,” says Nachreiner. “After infecting one victim, it would tirelessly copy itself to every computer on your local network it could reach. Whether or not you want to imagine such a scenario, I guarantee that cybercriminals are already thinking about it.”
Nir Polak, Co-Founder & CEO of Exabeam, a provider of user and entity behavior analytics, agrees with Nachreiner. He too predicts that ransomware will evolve, moving from a one-time thing to an entire network infiltration issue. “Ransomware is already big business for hackers, but ransomworms guarantee repeat business. They encrypt your files until you pay, and worse, they leave behind presents to make sure their troublesome ways live on,” states Polak.
Alex Vaystikh, cybersecurity veteran and co-founder/CTO of advanced threat detection software provider SecBI, predicts the first cloud data center-focused ransomware. Vaystikh says that in 2017, ransomware will go after databases which will cause significant downtime. “What we might see in the coming year is ransomware targeting places where there is less chance of backup files being available,” states Vaystikh. “For example, I think we’ll see that SMBs who move their files to the cloud generally do not have backups and do not know how to recover. Specifically encrypting cloud-based data like this would have a significant impact on cloud providers and cloud infrastructures.” Good thing to note for providers.
We now turn our attention to an interesting survey that was released yesterday by IT research and consulting firm Osterman Research. Among its compelling findings, the report, entitled “Best Practices for Protecting Your Data When Employees Leave Your Company,” details that the number one data protection problem for businesses is people jumping ship. To put a number to it, a whopping 69 percent of business organizations surveyed have experienced problematic data loss resulting from employee turnover/attrition. Spoiler alert… the cloud plays a big role in both the problem, as well as the solution.
According to the press release announcing the report, the data show that while there are certainly issues that occur in terms of the loss of corporate knowledge/expertise when employees fly the coop, many of those issues are related to employees actually taking data with them when they leave, or leaving it in unknown locations that corporate data managers can’t access.
“Whether it’s premeditated or simply in error, many employees leave their employers with a wide variety of data types that can include confidential or sensitive financial data, customer information, and/or product, sales and marketing roadmaps, as well as other business critical intellectual property,” said Michael Osterman, CEO and founder of Osterman Research. “This can leave a business organization vulnerable to regulation noncompliance, litigation, a loss in competitive edge and even embarrassing bad press with long-term ramifications – the kind that can curb an otherwise promising IT career. And of course, it could also simply mean the information you need to get your job done just isn’t there.”
Osterman goes on to say that there are technology policies and procedures that can be implemented to minimize, or even get rid of the potential for data exfiltration.
We finish this week off with a bang. Followed by a crash. And probably an eye roll or moan of despair or two. It’s no secret that last year was a rough one for cybersecurity. The battle against hackers’ increasingly advanced and stealthy attack methods was lost again and again, and channel partners have had a bear of a time navigating these new and horrendous pitfalls. Companies and Americans in general are more vulnerable to breaches and hacks than ever before – even our own government wasn’t immune. Given this uncertain and undeniably perilous cybersecurity landscape, IT experts, security professionals and service providers everywhere have been steeling themselves and preparing for what lies ahead in the new year.
But wait! It seems, folks, that we can happily toss away our concerns about cybersecurity in the new year. Our president-elect has the answers. In an article by the Chicago Tribune cringingly titled, “How Trump’s 10-year-old son could guide U.S. cybersecurity” – sorry, brief pause while I throw up in my mouth a little – Trump’s recent statements and “views” on modern technology are discussed in the context of our nation’s growing cyber-plights and how he intends to address once he takes office.
“The whole, you know, age of computer has made it where nobody knows exactly what’s going on. We have speed, we have a lot of other things, but I’m not sure you have the kind of security that you need,” stated Trump. Yes. Spot on, sir. The whole, you know, age of internets. And cybers. And such. Well said.
At his New Year’s Eve party, according to the Tribune, when questioned about the role cybersecurity policy will play in his administration, Trump’s response was a bit puzzling, to say the least. The answer, my friends, lies within the 10-year-old hands of Barron Trump, and the baskets of bike messengers. “If you have something really important, write it out and have it delivered by courier, the old-fashioned way, because I’ll tell you what, no computer is safe. I don’t care what they say, no computer is safe,” he said. “I have a boy who’s 10 years old, he can do anything with a computer. You want something to really go without detection, write it out and have it sent by courier.”
While there’s a certain Luddite-logic in that strategy when it comes to person-to-person communication, especially in light of Hillary Clinton’s embarrassing email leaks during the campaign cycle last year, I see some holes in this theory. Communicating via courier, skywriting or carrier pigeon hardly seems like a solid strategy for successfully combating cyberwarfare. Effective communication often requires crossing city lines. State lines. Countries. Continents. Show me a courier who can magically cover the world within minutes, and I’ll happily retract any snarky Harry Potter Floo powder remarks. Author of the article, Washington Post’s Catherine Rampell rounds this out perfectly: “More important — and I can’t believe this requires spelling out — cybersecurity is not merely about person-to-person communications (i.e., services for which couriers might plausibly substitute). It’s also about all kinds of other data, code and digitized operations.”
Think hyper-sensitive data – financial information, health records, company secrets, government secrets for that matter. “Astonishingly, Trump’s imagination for what computers can do — and therefore what technical vulnerabilities today’s companies, consumers and governments might face — appears limited by the observed skill set of his 10-year-old son,” continues Rampell. Cut to Russia and China collapsing in fits of giggles. Trumps lack of technical prowess, or even interest in it for that matter, is all the more reason partners need to educate their customers on how to truly and effectively secure and monitor their networks. We cannot afford to be disinterested in cybersecurity.
The views expressed in this column do not necessarily reflect the views of Penton Media or The VAR Guy editorial staff.