
Just a sample of the Echomail archive

Cooperative anarchy at its finest, still active today. Darkrealms is the Zone 1 Hub.

   COFFEE_KLATSCH      Gossip and chit-chat echo      2,835 messages   


   Message 1,689 of 2,835   
   Roger Nelson to All   
   Security in 2017   
   21 Jan 17 14:39:53   
   
   Security in 2017: Ransomware will remain king   
       
   Posted December 14, 2016 by Malwarebytes Labs   
       
   2016 was the year of ransomware, with hackers focusing their attention on   
   exploiting Internet users and businesses around the world for profit.   
   According to the FBI, cyberextortion losses have skyrocketed and ransomware   
   was on track to become a $1 billion a year crime in 2016.   
       
   Our research shows no sign of this security nightmare slowing down in 2017.   
   Hackers are becoming more advanced, and ransomware remains an incredibly easy,   
   lucrative way for them to make money. Unfortunately, the security community   
   has only started to develop defenses that can protect Internet users from   
   ransomware.   
       
   With the new year around the corner, security researchers at Malwarebytes Labs   
   have compiled a list of predictions that encompass what new ransomware   
   threats, developments, and opportunities they expect consumers and businesses   
   will face in 2017.   
       
   Ransomware will become personal.   
       
   Most ransomware attacks today are indiscriminate. For the most part, cyber   
   criminals issue ransomware at random, hitting anyone and everyone that they   
   can. However, it's increasingly likely that targeted ransomware attacks will   
   become the new norm. If an attacker can recognize the difference between an   
   enterprise and a consumer target, they will be able to adapt their ransom   
   demands to match their victims. The intentions of attacks are also likely to   
   become more personal. In addition to encrypting files, ransomware attackers   
   will soon be threatening to post data or information on social media, or to   
   expose it in an equally destructive way. As with most cyber attacks,   
   ransomware will grow to take advantage of more human vulnerabilities.   
       
   Ransomware protection will become an investment.   
       
   Until this past year, companies and consumers had few solutions available to   
   them to help detect and fight ransomware. Security researchers have been   
   working hard to find decryptors of specific ransomware types so that they can   
   effectively protect against them in the near future. However, when a   
   ransomware descriptor is recognized, ransomware authors often tweak their   
   attacks to avoid detection. As this cat and mouse game between security   
   researchers and ransomware creators continues, more security vendors will   
   debut anti-ransomware protection offerings. In fact, we predict that by the   
   end of 2017 at least 50% of security companies will release some sort of   
   ransomware detection and/or prevention software. Companies and consumers will   
   both find themselves investing in new anti-ransomware security software in   
   2017.   
       
   Password managers will become a huge target.   
       
   In 2017, password managers, digital vaults where users store passwords and   
   other authentication data, will become a huge target for cybercriminals. In   
   fact, just last month, it was revealed that Apple's new iOS 10 operating   
   system has a potential security hole that could help hackers get access to   
   passwords and other sensitive information. Hackers are apparently able to   
   infiltrate Apple's Keychain password manager. For a hacker, breaking into a   
   network such as this can be incredibly fruitful. The top password managers are   
   likely to find themselves under attack in 2017.   
       
   Attackers will pickpocket the digital wallet.   
       
   With the growth of financial and budget planning applications; increased   
   pervasiveness of new payment methodologies such as Apple Pay adding new   
   wrinkles (such as making online payments through the phone); and the growing   
   pervasiveness of cryptocurrencies (like Bitcoin, Litecoin, and Peercoin),   
   there will be increasing attacks against applications, plugins, digital   
   wallets, and the companies holding authentication data allowing access to   
   these digital currency streams. With the incremental adoption of each of these   
   technologies, the potential windfall from a dedicated attacker increases. Soon   
   it will be more than enough to attract organized criminals who previously   
   flocked to the banking Trojans of the past. In fact, the first attacks may   
   evolve from the original Zeus source code, the granddaddy of banking Trojans.   
       
   A new exploit kit will emerge as the top dog.   
       
   In recent months, we have witnessed several trends that hint that existing   
   malware attacks are going "back to the basics." For example, there has been a   
   rise in the spread of malware attacks through email and phishing, while more   
   sophisticated malvertising and exploit kit attacks have decreased. Companies   
   and consumers have figured out how to block Java and Flash and are moving to   
   HTML5, making it harder for the existing exploit kits to succeed in deploying   
   malware through malvertising.   
       
   Since Angler EK disappeared in June 2016, several other exploit kits have been   
   battling for the top spot. An underdog, RIG EK is now positioned to be the new   
   leader, but it still relies on older vulnerabilities, all of which are easily   
   prevented today. This opens up a massive opportunity for a new, sophisticated   
   and dangerous exploit kit to emerge in the next year.   
       
   Malware will become engrained in tech support scams and attacks will increase,   
   globally.   
       
   Tech support scams (TSS) have become incredibly advanced and dangerous over   
   the last few years and most recently we have witnessed TSS deploying malware,   
   and even extortionware. In 2017, TSS attackers will dive into this benefit   
   headfirst and leverage the malware threat landscape more than ever before.   
       
   The IoT will thrust DDoS attacks into a new era.   
       
   In 2017, the Internet of Things (IoT) will perpetuate an evolution in how DDoS   
   attacks are orchestrated. In September of 2016, we saw a DDoS attack like   
   never before. Security blogger Brian Krebs found himself under attack by the   
   biggest DDoS attack ever recorded, and sources emphasized that CCTV cameras   
   wired to the Internet and other unsecured connected devices were leveraged by   
   attackers to orchestrate the attack. Based on the sheer volume of devices that   
   we have connected to the Internet today, the very real challenge of not being   
   able to update or secure their firmware and the ease with which these devices   
   can be identified using both general (Google) or specialized (Shodan) search,   
   the possibilities for DDoS attackers have exploded. We anticipate that we will   
   see increasing attacks like the one that targeted Krebs, perhaps even   
   targeting critical infrastructure such as the power grid or government   
   communications.   
       
   Security will be the #1 priority for the boardroom.   
       
   In 2017, we anticipate that more security professionals will be asked to join   
   company boards. The need to have someone technical with a background in   
   security on your board is currently at an incredibly high premium across all   
   industries. This will only continue to grow over the next year, as we continue   
   to watch it evolve as one of the top business and political priorities of our   
   age.   
       
       
   Regards,   
       
   Roger   
      
   --- DB 3.99 + W10 (1607)   
    * Origin: NCS BBS - Houma, LoUiSiAna (1:3828/7)   



(c) 1994,  bbs@darkrealms.ca