Global ransomware epidemics – Are Here to Stay
WannaCry, Petya, GoldenEye – With More to Follow Any Day Now
Someone mentioned to me today that a news outlet published an article today or yesterday that suggested that the global ransomware epidemic was pretty much here to stay.
I almost spit out my coffee laughing because many security experts, writers and other major news outlets, myself included, have been warning the world about this issue for well over a year now.
News Flash: This is Not Surprising, it’s hardly even new news these days.
Ransomware has been around for years however it was used to only target individual networks, such as a single business, hospital or person.
After the infamous Shadow Brokers hacker group leaked the National Security Agency exploits back in April, cyber-criminals were able to learn about a more dangerous weapon.
The kind that can strike on a global level.
But is that really all that true? I mean, I love poking fun at the NSA for losing the intel in the first place but…
Anytime you see that someone, anyone is capable of widespread hacking, you should automatically assume they or another someone or group is capable or nearly capable of global hacking, ransomware, the ability to steal data on a global level and gain access to major networks including those that are tasked with running things like banking systems, power grids and governments just to name a few.
It is not like these guys are stupid, we make the mistake of assuming that no one else in the entire world other than the NSA or any government for that matter is capable of and working on developing cyber weapons like WannaCry, Petya or GoldenEye.
That is so far from the truth it is not even remotely funny. Just because a cyber-criminal hasn’t used a cyber weapon such as this before does not necessarily mean they haven’t developed it or are not working on it.
These guys could have very well been waiting for some type of leak, before moving forward with unleashing the weapon that they created so that they could tweak for instance the NSA’s weapon so that it would be more difficult to trace back to the point of origin.
Usually eventually one can figure out who created what cyber weapon by pouring through the code after all, so in an attempt to disguise that, so if it were me, I would use someone else’s cyber-weapon with that someone else’s code and tweak it just slightly enough to change it without giving away from what country I am in, or what group I am part of and so on.
The point is, without a doubt, cyber-criminals were already moving in this direction believe it or not. Criminals on any level who do not want to become upstanding citizens spend a good majority of their time thinking of new and improved ways around the laws, and that includes new and improved ways of breaking the law, ways that are less detectable by law enforcement.
Those in the business of committing cyber-crimes are no different than any other type of criminal in that respect.
So no, global epidemics of ransomware being unleashed is not going anywhere soon, new and improved weapons are already being made and developed so as to unleash.
We’ll all have to find better security measures, but a word of caution, much like the flu virus every year, the one we get flu shots for, we will not truly know how to protect ourselves or whether or not our newest security measures will actually work, until we know what kind of virus we are facing as each new attack is released.
Last but not lease, some of these attacks may also be disguised as mere ransomware, they could actually end up being something much worse that we have yet to learn about.
Cristal M Clark