The increase in ransomware, and its now routine combination with data theft and doxing, formed one of the bigger trends of 2020. ("Terrible" is an adjective that rightly appears in StateScoop's account of the discussion of ransomware at the Aspen Institute's Cyber Summit.) The ransomware operators have increased both their determination and rapacity. The addition of data theft adds bite to the extortion: not only are the criminals denying the victims access to their data, but the criminals have another opportunity to monetize the results of their attack by selling stolen information on criminal markets. It's the threat of releasing the information that has now rendered the classic defense against ransomware—regular, secure backup—an imperfect protection. And it's unreasonable to expect criminals to keep their word when they promise to destroy stolen data if they're paid off.
Predictions for 2021: like 2020, only more so.
Unfortunately this is one 2020 trend that's widely expected to continue into 2021. Continuity Central has five ransomware-centric predictions for the coming year, and they're representative of what we're hearing:
- "Cyber criminals will concentrate attacks on the most critical industries, including healthcare and manufacturing organizations." Organizations that depend upon high data availability will continue to be particularly attractive to attackers. The deep pockets of the financial services sector will always be targets, but those pockets are also among the best protected. Healthcare and manufacturing? Not necessarily so.
- "Attacks will find more sophisticated ways to get into your data center." Attacks will adapt to defenses.
- "CISOs are going to focus more time and budget on recovering from an attack." The ransoms demanded are rising, and while it may soon be illegal to pay them in many jurisdictions, the increased sophistication of the attacks will increase recovery costs.
- "Cyber attacks will put a renewed focus on data governance." This prediction is related to the now routine data theft ransomware gangs will continue to commit. It also adds considerable regulatory risk to the victims' headache.
- "Backup infrastructure will look very different and see a noticeable transformation." Backup is no longer a complete fix, but it remains a vital one. It will evolve into more secure, more routine, easier-to-use forms.
Randori offered a similar set of predictions to eWEEK. The first three apply directly to ransomware, the final pair to national policy:
- "Deepfakes and voice fakes come to the enterprise." These will enable more effective social engineering, and the production of falsified records that could cause considerable reputational damage to the victims.
- "Ransomware evolves to enterprise extortion." This is a step up from the threat of doxing. As Randori put it, "Ransomware attacks will shift from 'I’ve stolen all your data, now pay me' to 'I'm going to extort your CEO with information I’ve found in the data I’ve stolen from you, and if you don't pay, we’ll devalue your stock on Wall Street.'"
- "Expect more cloud infrastructure ransom attacks." Enterprises are in the cloud; criminals will be, too.
- "A leadership crisis in IT talent will hit the U.S. government." Maybe high senior turnover will stop (or maybe not). But its effects may continue to be felt.
- "Expect an antitrust/anti-tech reckoning in 2021." There's bipartisan interest in some form of tech regulation in the US, and the situation is similar in the EU.
How much is that doggy in the window? In Bitcoin, maybe?
Near-term trends? The pandemic and online holiday shopping remain on people's minds. There are any number of checklists for safe holiday shopping in circulation. One that's worthy of attention is provided by AwareGo.
Here's one odd effect of the pandemic, at least in the US: a rise in dog purchase or adoption fraud. WBBM cites a caution from the Better Business Bureau to the effect that criminals are bilking people trying to get a dog. Why? It's supply and demand; it's because people want dogs around while they're locked down at home. Who wouldn't? We note that the dog rescue outfit that sprung the CyberWire's official editorial pooch from a South Carolina slammer a little more than three years ago has been out of dogs for a couple of months. Demand is high, and the grifters have noticed. We hope to be able to write a dog-bites-man story about the hoods soon. Pack forward and get 'em.