It is clear that a ransomware crime wave will surge across America and Canada. Here is what we expect will happen in 2016 and what you need to look out for:
- Ransomware attacks doubled in 2015 and will double again in 2016. The U.K. is to some extent a bellwether for the U.S., as it functions as a beta test site for Eastern European cyber mafias who can test malicious code in their own time zone. Well, over half (54%) of all malware targeting UK users in 2015 contained some form of ransomware. Buckle up.
- The use of Cryptowall 4.0 will explode, and Cryptowall V5.0 will add an actual working "feature" that the TeslaCrypt strain only threatened with: extortion by potentially publishing private personal or sensitive business files on the Internet.
- Cryptowall will be the first strain of ransomware to hit a billion dollars in total damages.
- Ransomware is the new APT: "Annoying Persistent Threat", as it will be increasingly used in double-payload attacks combined with other scams.
- Ransomware-as-a-service hosted on the TOR network and using Bitcoin for ransom payment enables a new generation of cybercrime newbies to make their mark.
- Cyber mafias will focus on professional services firms and local government using Cryptowall as their tool and extort tens of thousands of dollars from organizations that don't want their business disrupted or their intellectual property compromised.
- A new sleeper ransomware variant will start to stealthily encrypt data, pull your critical files onto a C&C server, and wait until a backup has been made. At that point they will yank the encryption key and demand a much larger amount of ransom than the current 500 bucks.
- Bonus Wild-Ass Guess: Ransomware gets bundled with worm-like malware to "brick" all the Windows endpoints and servers of a targeted organization. Cybercriminals will use this technique on a large scale, demanding millions in Bitcoins from their victims and may even offer "innovative" payment plans with protection terms.