Stories
Slash Boxes
Comments

SoylentNews is people

posted by on Wednesday December 14 2016, @11:49AM   Printer-friendly
from the next-up:-ransomware-for-IoT-devices dept.

According to an article on DarkReading.com, ransomware will remain king in 2017.

2016 was the year of ransomware, with hackers focusing their attentions on exploiting Internet users and businesses around the world for profit. According to the FBI, cyber-extortion losses have skyrocketed, and ransomware was on track to become a $1 billion a year crime in 2016.

Our research shows no sign of this security nightmare slowing down in 2017. Hackers are becoming more advanced, and ransomware remains an incredibly easy, lucrative way for them to make money. Unfortunately, the security community has only started to develop defenses that can protect Internet users from ransomware.

With the new year around the corner, security researchers at Malwarebytes Labs have compiled a list of predictions for new ransomware threats, developments, and opportunities that they expect consumers and businesses will face in 2017.


Original Submission

Related Stories

WannaCry Ransomware Attack Linked to North Korea by Symantec 23 comments

Symantec and FireEye have linked the recent WannaCry ransomware attacks to North Korea:

Cybersecurity researchers at Symantec Corp. and FireEye Inc. have uncovered more evidence tying this month's WannaCry global ransomware attacks to North Korea.

The cyberattack that infected hundreds of thousands of computers worldwide was "highly likely" to have originated with Lazarus, a hacking group linked to the reclusive state, Symantec said. The software used was virtually identical to versions employed in attacks earlier this year attributed to the same agency, the company said in a report late Monday. FireEye on Tuesday agreed WannaCry shared unique code with malware previously linked to North Korea. "The shared code likely means that, at a minimum, WannaCry operators share software development resources with North Korean espionage operators," Ben Read, a FireEye analyst, said in an emailed statement.

[...] The initial attack was stifled when a security researcher disabled a key mechanism used by the worm to spread, but experts said the hackers were likely to mount a second attack because so many users of personal computers with Microsoft operating systems couldn't or didn't download a security patch released in March labeled "critical."

Also at NYT, Reuters, Ars Technica, and The Hill. Symantec blog (appears scriptwalled).

Here's a screenshot of Wana Decrypt0r 2.0. Note the Wikipedia licensing section.

Previously: Security In 2017: Ransomware Will Remain King
"Biggest Ransomware Attack in History" Hits Around 100 Countries, Disrupts UK's NHS
WannaCrypt Ransomware Variant -- Lacking Kill Switch -- Seen in Wild [Updated]
Decryption Utility for WannaCry is Released


Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Wednesday December 14 2016, @11:56AM

    by Anonymous Coward on Wednesday December 14 2016, @11:56AM (#441235)

    See what happens when you let a recession linger for a decade? This is what happens! Scams become commonplace, grifting becomes standard business practice, and everyone suffers the consequences. Where's our 21st century New Deal? Where's our 21st century WPA? Where's government investment in productive society? Nowhere! Plenty of government investment in droning the terrorists! Plenty of government investment in death and destruction! And you wonder why banditry, extortion, and ransomware become the new normal.

    • (Score: 0) by Anonymous Coward on Wednesday December 14 2016, @12:06PM

      by Anonymous Coward on Wednesday December 14 2016, @12:06PM (#441238)

      Ransomware got into your network because you forgot to turn on Wi-Fi Protected Access?

      • (Score: 2) by Dr Spin on Wednesday December 14 2016, @12:16PM

        by Dr Spin (5239) on Wednesday December 14 2016, @12:16PM (#441243)

        And you were helpless because you have no off-site tape backups.

        Come back 1970's all is forgiven - except the wide trousers!

        --
        Warning: Opening your mouth may invalidate your brain!
        • (Score: 2, Funny) by Anonymous Coward on Wednesday December 14 2016, @12:39PM

          by Anonymous Coward on Wednesday December 14 2016, @12:39PM (#441249)

          That's where you're wrong, pal, I don't need backups because I memorized my code and if it gets erased I can just toggle switches on the panel to input it again.

      • (Score: 2) by Nerdfest on Wednesday December 14 2016, @12:40PM

        by Nerdfest (80) on Wednesday December 14 2016, @12:40PM (#441250)

        Generally ransomeware gets onto a network because one tard clicks an executable email attachment, encrypting user files on that machines and any network connected storage.

        • (Score: 3, Funny) by RedGreen on Wednesday December 14 2016, @01:46PM

          by RedGreen (888) on Wednesday December 14 2016, @01:46PM (#441257)

          That and the useless fucking operating system used allowed it by default action. It has only been happening for more than decade but change that behaviour nah you must be joking the user will not like the inconvenience of not being infected at every turn. How else are they going to get rich or see some titties of random cleb or cat pictures....

          --
          "I modded down, down, down, and the flames went higher." -- Sven Olsen
    • (Score: 1) by anubi on Wednesday December 14 2016, @12:18PM

      by anubi (2828) on Wednesday December 14 2016, @12:18PM (#441244) Journal

      So, we thought having the masses illiterate to computer science and what the machines do was a good idea.

      The same thing would happen in the paper world if our Congress could be duped into passing law that made reading and understanding a legal contract to be illegal.

      --
      "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
      • (Score: 0) by Anonymous Coward on Wednesday December 14 2016, @12:31PM

        by Anonymous Coward on Wednesday December 14 2016, @12:31PM (#441248)

        Didn't we just have a story about a blog where some guy reverse engineered an emulator to fix a security flaw?

        You're so incredibly fucking ignorant you truly believe DMCA === BAD.

        Well after years of living among moronic shit like you, I've reached the only possible conclusion: there's no hope for your kind.

        • (Score: 2, Insightful) by Anonymous Coward on Wednesday December 14 2016, @12:44PM

          by Anonymous Coward on Wednesday December 14 2016, @12:44PM (#441251)

          You're so incredibly fucking ignorant you truly believe DMCA === BAD.

          Well, a lot of it is bad. Hindering reverse engineering efforts is bad. Censorship without due process (DMCA notices) is bad, and making it easier to censor those who violate copyrights doesn't justify it because due process is more important. Restricting fair use is bad. Plenty about the DMCA is pretty bad, and this is pretty much undeniable unless you're a hardcore copyright maximalist.

          • (Score: 0) by Anonymous Coward on Wednesday December 14 2016, @06:06PM

            by Anonymous Coward on Wednesday December 14 2016, @06:06PM (#441353)

            You'll be getting a DMCA notice to remove your post because of your blatant copyright violation. You quoted a portion of the GP's post without explicit written permission. And before you object keep in mind that no use of GP's worthless post can be considered "fair use".

        • (Score: 4, Informative) by Scruffy Beard 2 on Wednesday December 14 2016, @04:51PM

          by Scruffy Beard 2 (6030) on Wednesday December 14 2016, @04:51PM (#441322)

          In this story [soylentnews.org] the emulator was actually open source.

          The Canadian version of the DMCA [justice.gc.ca] got delayed by about 12 years, and has exemptions [justice.gc.ca] for: Law enforcement and national security, Interoperability of computer programs, Encryption research, Security (including data leaks), and Persons with perceptual disabilities.

          We have had the benefit of hindsight after seeing how bad the DMCA really was. Many of those exemptions are the direct result of the suppression of security research in the United States.

    • (Score: 0) by Anonymous Coward on Wednesday December 14 2016, @03:02PM

      by Anonymous Coward on Wednesday December 14 2016, @03:02PM (#441282)

      Where's our 21st century New Deal? Where's our 21st century WPA? Where's government investment in productive society?

      You mean the American Recovery and Reinvestment Act of 2009? Fox Newswas still talking about it [soylentnews.org] two years later. Not so much lately, though.

    • (Score: 3, Insightful) by Grishnakh on Wednesday December 14 2016, @04:28PM

      by Grishnakh (2831) on Wednesday December 14 2016, @04:28PM (#441315)

      This is just plain stupid. The ransomware, by and large, isn't even coming from the US, it's coming from offshore, especially Russia.

      This ransomware epidemic is just something else you can blame on the Windows monoculture and the pathetic security in the Windows OS itself. If you can click on an email and have this execute native code on your computer, there is something fundamentally wrong.

      • (Score: 0) by Anonymous Coward on Wednesday December 14 2016, @10:26PM

        by Anonymous Coward on Wednesday December 14 2016, @10:26PM (#441448)

        it's coming from offshore

        Well, according to his critics, Mr. O (somehow) messed up the entire world.

        Anyhow, GOP Congress would block anything like the New Deal. O has proposed the idea of an infrastructure bill for a long time. GOP wouldn't even consider it, claiming the deficit would kill puppies and Batman.

        (In practice it may stimulate the economy enough to at least in part pay for itself deficit-wise. How much is a matter of dispute)

    • (Score: 0) by Anonymous Coward on Wednesday December 14 2016, @05:17PM

      by Anonymous Coward on Wednesday December 14 2016, @05:17PM (#441331)

      Wait -- you wrote all of that and you didn't specifically blame Obamacare for any of it!

      What kind of a moron are you, using genuine issues as a basis for your concerns?

  • (Score: 0) by Anonymous Coward on Thursday December 15 2016, @06:17PM

    by Anonymous Coward on Thursday December 15 2016, @06:17PM (#441705)

    My ass. The only real solution is to make backups. And sensible people have been doing that for the longest time.

    Also, if you maintain proper IT hygiene your chances of getting malware are dramatically lessened.