There's no doubt that cybercriminals are busy preparing more ransomware attacks for the remainder of 2018. And that ransomware code will be optimized to steal your data and get your money. Here are three things you can expect from the cybercriminals who create ransomware:
AI will make ransomware more effective
Phishing emails remain the dominant method used to distribute ransomware. But artificial intelligence (AI) technology will likely be added to the mix in an effort to make phishing emails more effecitive at hooking victims. Cybercriminals can use AI to periodically change the words used in phishing emails, until they find the most effective word combination. This will allow more messages to bypass spam filters. Messages will also undergo refinement based on click rates and interaction levels.
AI will also enable cybercriminals to refine other elements of the ransomware distribution process. Data related to who is most likely to pay the ransom, system types, regions, and other information can be crunched in AI algorithms to identify more profitable targets and distribution methods.
Malicious hackers will continue stealing exploits
The government-created Microsoft Windows exploit EternalBlue was used in the the massive 2017 WannaCry ransomware attack that compromised thousands of computer systems around the world. The government-created Windows exploit EternalRomance was used in the NotPetya and BadRabbit attacks. In 2018, you can expect hackers to steal more as yet undocumented exploits that will fuel the next generation of ransomware.
GPU-based encryption on the rise
The rise of ransomware strains like Troldesh and GlobeImposter indicate that ransomware authors are beginning to use Graphics Processing Unit-based encryption. You can expect this to continue in 2018. This approach will dramatically increase the speed at which ransomware can encrypt data on a machine, giving victims less time to respond, and security software less time to mitigate the threat.
Ransomware attacks will continue to increase in 2018 both in sophistication and scale. That's why it's critical for companies to invest in ransomware protection controls and backup and recovery solutions.