A new report from IBM shows that the total number of breached records dropped about 25% last year, an amount representing 2.5 billion files. Unfortunately this did not mean that information security professionals suddenly discovered how to stop cyberattacks altogether. Most of the drop comes from files that have been encrypted, rather than outright stolen.
Yes, ransomware became so popular last year that it had a massive effect on the total number of stolen files. That’s alarming news, if not entirely unsurprising. It also raises some new questions, such as:
- Is this rise in ransomware a permanent trend, or a temporary feature?
- If it is a permanent trend, how will it change the way that security is practiced?
- How much should we expect the volume of stolen records to decrease?
Will We Be Talking About Ransomware Forever?
If you were going to argue that ransomware will become a permanent fixture in the information security landscape, the fact that it accounted for a 25% drop in data breaches is a convincing point. Add to that the recent cyberattack which dropped the city of Atlanta back into the world of pen and paper.
On the other hand, every industry has fads, and cybercrime is an industry. There are a few remaining facts which point to the argument that ransomware won’t be around forever – and its days of being a major threat might be over sooner than you think.
- It is now deeply ingrained in enterprise security culture to “never pay the ransom.”
- It is unclear as to whether the city of Atlanta paid the ransom.
- NotPetya victims were quite deliberately unable to pay ransoms, and the Wannacry perpetrators collected a pitifully small amount of money from their global attack.
As fewer and fewer enterprises become publicly willing to pay ransomware extortion fees, attackers will find that this easy source of money has dried up. This won’t end ransomware forever, but it may cease to become a top-tier threat.
Ransomware Will Change Cybersecurity Forever – Regardless of its Staying Power
Regardless of whether ransomware remains a top-ten threat, it has changed the face of information security by introducing two factors –untraceable cryptocurrency and eliminating the middleman.
Selling records stolen from companies is a time-consuming process, and it introduces an extra element of risk. Anyone that you sell a stolen record to might get caught and thereby lead authorities back to you in some way. Ransomware eliminates both the time and the risk. Companies will hand their money over instantly and will do so in an untraceable format such as Bitcoin or Monero.
Future methods of attack are likely to incorporate the same factors that made ransomware so convenient – in fact, they already do so. Crypto-mining attacks, in which attackers exploit a compromised endpoint or server to generate digital currency, incorporates the same basic elements as ransomware – except that most victims won’t even notice that they’ve been compromised. Lately, this method of attack has become so popular that it comprises 90% of remote code execution attacks.
Hackers Still Aren’t Going to Stop Stealing Records
Even a 25% drop in breached records still means that billions of files are being stolen. Neither ransomware nor mining malware will fix that problem in the near or long term. What security professionals should fear instead is a sort of “all-of-the-above” style of attack. For example, an attacker might decide to install cryptocurrency mining malware on your endpoints and steal your records and encrypt your files in order to cover their tracks.
To stop this kind of attack, security professionals need a solution that can cover all the bases. That’s where Safe-T comes in. Our Software-Defined Access Suite gives you the power to hide your attack surfaces from the general-purpose internet, preventing attackers from performing reconnaissance and diminishing the likelihood that you’ll be targeted. Learn more about how Safe-T can make you secure against ransomware and crypto-mining malware – sign up for a free trial today!