Exploit kits and botnets will begin to spread mass-produced ransomware in 2014
According to the Sophos security threat report, botnets will deliver more ransomware as users grow more resistant to fake alerts and anti-virus scams. Its statistics for June 2013 found that 29 per cent of exploit kits carry some kind of ransomware, in particular Glazunov that Sophos said had “become notorious for delivering dangerous ransomware”.
The report said: “It’s hard to predict what form future attacks will take – but we can imagine ransomware taking hostage not just your local documents, but any type of cloud-hosted data. These attacks may not require data encryption and could take the form of blackmail – threats of going public with your confidential data.”
Report author James Lyne, global head of security research at Sophos, told BBC News that there was evidence that many cyber thieves were keen to cash in on the success of ransomware programs such as Cryptolocker, as crooks seek criminally-minded software developers to write a kit that anyone could use to create their own mass-produced version of this type of malware.
Robert Hansen, security evangelist at WhiteHat Security, told IT Security Guru that there has always been a natural gravitation towards money-making activities that exploit fear, uncertainty and doubt that users have.
“This has been around since I got on the internet, so I don’t see it going anywhere,” he said. “It can take many forms from saying it can take down your website to saying we found you went to an adult site, I think it is a natural progression as it is an easy thing to add on top.”
Tim ‘TK’ Keanini, CTO at Lancope, said: “It used to be the case that you needed both the will and the skill to be a effective cybercriminal; now you just need the will and some bitcoins. The black market now has any exploit, evasion method, stolen credential, DDoS and distribution method available.
“Cyber criminals can simply “add to cart” their attacks. We need to make it too expensive for them to operate, and that simply is not happening yet. If you are still worried about being attacked, chances are you have already been compromised and you just don’t know it yet.
“Back in the day there were the “script kiddies”. Those that wanted to hack sites but had to do it the Fisher Price way. I think we need to help the public with a new term – This new cyber criminal that buys all their skills we call ‘script crimie'”
