With thousands of infected computers and millions of dollars lost, the latest ransomware attacks are surely marking the trends to come in the increasingly lucrative field of cybercrime. This, together with the exponential proliferation of connected devices on the IoT, as well as covert cyberwar, sets the stage for cybercrime to come.
More malware, more sophisticated than ever
Incidents from unknown threats went up 40% in this year’s second quarter, according to the latest data collected by PandaLabs in their quarterly report. These attacks are carried out with malware that is unrecognizable to signature-based antivirus solutions, and also evades heuristic detection, indicating a considerable increase in the amount of new malware. As the PandaLabs report points out, small and medium-sized enterprises generally account for the most-targeted victims of these new malware attacks, but home users are more affected by this malware in terms of sheer numbers.
Increased sophistication means that much of the malware we’ve seen uses legitimate system tools to exploit vulnerabilities, something that is especially critical in professional environments. Over the course of 2017, more than 150 million attacks are expected, of which a large percentage will seriously affect companies. We’ve already discussed the growing economic impact that could reach almost three billion dollars in losses in 2017. However, other vectors should be considered, such as the IoT and the troves of data it connects to. Also of note is the increasing probability of being caught in the crossfire of a cyberwar between two world powers, as international cyberespionage continues to rise.
Ransomware, the “fashionable” attack
We can’t stop talking about the attacks that have caused the most impact in the past few months (and which incidentally are some of the most brutal cyberattacks in history). Both WannaCry, which has affected more than 150 countries, causing losses of up to four billion dollars, and the subsequent Petya/GoldenEye incident, whose economic impact was infinitely lower, wreaked havoc on corporate networks the world over. Regardless of who’s responsible for the attacks, their sophistication points to a budding professionalism and simmering hostility in the underworld of cybercrime.
We can no longer deny that there is indeed a cyberwar being waged, sometimes covertly and sometimes not. Often, the perpetrators appear to be institutional (governmental, to be more specific), a hypothesis that can be further justified by looking at the chosen targets of these attacks (especially in the case of Petya/GoldenEye). But it is also important to note that these ransomware attacks take advantage of vulnerabilities found in legitimate system tools, and can therefore be classified as zero-day attacks.
The EternalBlue exploit is at the center of these attacks. It had already been patched by Microsoft before the events took place, but many users had not updated their systems. If on a network of hundreds of computers just one employee fails to update with the patch, the entire network is exposed to the wave of ransomware.
Smart Cities are especially vulnerable. In some cases, the attacks not only resulted in the loss of data, but also brought entire systems down, leading to the interruption of public services. From blackouts to blocked devices, such as cameras or traffic signals, the consequences of recent attacks show that the future of cybercrime can seriously hinder our digital life as we know it.
Fighting advanced cyber attacks
Corporations and home users alike must be constantly vigilant, and that means constantly updating systems and using advanced cybersecurity solutions that can stop an attack before it is able to penetrate the network. And how can we protect ourselves from vulnerabilities we don’t even know exist? More modern solutions address the problem by monitoring systems in real time and are triggered by suspicious behavior (and not known signatures or heuristics). So despite the proliferation of unknown malware, users can stay protected at all times. This is the secret of the advanced technology of Panda Adaptive Defense: to prevent the attack before it happens.