07.20.17

What will ransomware look like after WannaCry?

Ransomware has been around since the 1980s, but its fundamental trick – infecting a device, encrypting its files to render important data unusable and then demanding payment – has not really changed to the present day. The pioneering Aids Info Disk ransomware was distributed via floppy disk and built to encrypt all files on the main C: drive of any computer that installed it. Except for the distribution mechanism, this design is nearly identical to that of the recent headline-grabbing WannaCry threat.

What was WannaCry?

WannaCry was one of the most high-profile ransomware attacks in history. It affected the assets of the National Health Service in the U.K. and Telefonica in Spain. Approximately 200,000 systems worldwide were hit by WannaCry, although up to 16 million more may have been infected with no consequence, following the discovery of a “kill switch” that cyber security researchers exploited to disable the WannaCry botnet.

Scale, rather than technical design, was the distinguishing feature of WannaCry. It contained numerous design flaws – not just the kill switch, but also an inability to exploit the highly vulnerable and still-popular Microsoft Windows XP – that mitigated its impact, which nevertheless was significant enough to revive concerns about a new wave of ransomware.

Encryption is a signature feature of ransomware.Encryption is a signature feature of ransomware.

Ransomware after WannaCry

Ransomware can enter a PC or mobile device via a compromised application, website or phishing scheme. While organizations are often the prime targets of ransomware, consumers are also at risk from this increasingly common line of attack. The 2017 Data Breach Investigations Report from Verizon found that ransomware was the fifth most common form of malware; as recently as 2014, it had been twenty-second.

In the near term, everyone will have to be on the lookout for ransomware that has fewer flaws and more potential targets than WannaCry. The new Petya ransomware variant is a good example, since it does not feature a kill switch loophole and had already infected thousands of systems over a few days in June 2017.

“What if malware similar to WannaCry compromised a car?”

Another cause for concern on this front is ransomware capable of attacking the Internet of Things, the vast conglomeration of devices and networks extending beyond traditional laptops, phones and tablets. Security expert Bruce Schneier recently raised this issue in an article outlining the future of ransomware.

For example, what if malware similar to WannaCry compromised a car, thermostat or refrigerator connected to the internet? Dealing with the consequences would be more challenging than with similar infections on a PC, since there is no readily available backup system, nor a sophisticated software user interface for accessing deep parts of the system.

Staying safe in a ransomware-filled world

As the IoT comes into focus and ransomware become more advanced across all platforms, consumers will need comprehensive protection against such threats. Solutions such as Anti-Virus and Online Backup from Total Defense are essential for preventing the malware infections and data loss that can make ransomware campaigns spiral out of control. Visit our main shop page to explore your options.