“We’ve already seen ransomware for Linux, Windows and Android. Mac OS is just around the corner,” he said in December 2015. “It targets both consumers and companies, and the 2016 versions not only will encrypt files and ask for ransom, but will also make all documents available on the internet if ransom is not paid. In an ironic twist, the victim will be able to recover encrypted files – when they are uploaded on the internet for public shaming.”
“Ransomware has probably been the largest unresolvable threat to Internet users ever since 2014, and it will remain one of the most important drivers of cybercrime in 2016,” Bitdefender noted. “While some operators will prefer the file encryption approach, some more innovative groups will focus on developing ‘extortionware’ (malware that blocks accounts on various online services or that expose data stored locally to everybody on the Internet). Throughout 2016, file-encrypting ransomware will most likely expand to Mac OS X as well.”
Last year, reports show millions of users fell victim to CryptoWall version 3.0 (and many go unreported), adding over $350 million to cyber-criminals’ bank accounts.
Law enforcement representatives are focusing on destroying the ransomware business model and urge users to not pay ransom, even at the risk of losing sensitive information. “By paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals,” FBI Cyber Division Assistant Director James Trainor warned, cited by HOTforSecurity.
A Bitdefender study this winter revealed that less than half of users can’t accurately identify ransomware as a type of malware that prevents or limits access to computer data, and 48% of victims are willing to pay up to $500 to recover encrypted data.
Moreover, security professionals’ concerns associated with major breaches have only increased since last year. In 2015, 37 percent of respondents said it was either “highly likely” or that they “have no doubt” that they would face a major breach in the next 12 months; in 2016, that figure has risen to 40 percent. Raising the need for concern, nearly 75 percent of security professionals say they do not have enough staff to defend their organizations against current threats. 63 percent directly relate this to a lack of budget. The report is based on survey responses from 250 security specialists.