Nowadays, making predictions is difficult. Who could have predicted, this time last year, that the world would be struggling with a global pandemic, and ransomware that capitalizes on the outbreak would be on the rise? Well, actually, we did predict this – the ransomware, not the pandemic – in BlackBerry’s threat bulletin for 2020.
In fact, several of our predictions from last year came true – from the increased threat of Netwalker ransomware, to the fact that ransomware attacks dramatically increased in frequency and severity throughout the year. So, with that in mind, let’s speculate about what the next year will bring. (Spoiler alert: it’s pretty scary).
The Usual Suspects
Let’s start with some fairly basic predictions – things that are easy to predict, because we can already see them happening.
One of these predictions is that the majority of state-sponsored ransomware (which formed part of what we called advanced persistent threats, or APTs, back in more innocent times) will continue to flow from the Big Four sponsors of state-sanctioned cyber warfare. The Big Four currently includes Russia, China, Iran, and North Korea.
Second, ransomware will continue to be the most common form of cyber attack. It is already, according to many analysts, becoming the go-to method of attack for cyber criminals, and it’s difficult to see this changing in the next 12 months as we segue into 2021.
Third, phishing will continue to be the most dangerous and effective method of ingress. Most cyber attacks already begin with spear-phishing emails, and unless users suddenly get a lot more cautious when it comes to opening suspicious emails, that’s going to continue.
Increased Sophistication, New Targets
The world of ransomware is never static, though. In the coming year – just like the one we’ve just got through – we are going to see phishing and ransomware attacks increase in sophistication and frequency, and they will most likely be aimed at new targets.
In terms of sophistication, there are two key trends. One is artificial intelligence (AI). Research shows that 78% of data scientists agree that AI will play the greatest role in data protection over the upcoming decade, largely because the threats we now face are in themselves AI-enhanced.
Second, one of the key findings from a Dark Basin report earlier in the year is that nation states are looking to hire third-party vendors for ransomware-as-a-service (RaaS) attacks; this influx of funding can’t help but increase the sophistication of malware.
We’re also already seeing new organizations becoming targets for ransomware. Ransomware is already crippling schools, universities, and hospitals inside and outside the U.S., and governmental organizations are also seeing marked increases in attacks.
There are also signs that the institutional response to ransomware is going to change, at least in the U.S., with the installation of a new President in January. The incoming Biden administration has already signaled that it will take a stance that is more hands-on than the last, and has sought to clarify whether cities should pay ransomware demands.
Finally, the obvious point. With increasing sophistication, increasing frequency, and new targets, it’s not difficult to conclude that the cost of ransomware in 2021 is going to be significantly higher than in 2020.
Though we would be hesitant to put a particular number on this increase, it’s clear that the increase will be significant. A 2017 report from Cybersecurity Ventures, for instance, accurately forecast that ransomware damages would surpass $10 billion by 2019, which they did (actual damages were $11.5 billion). Things don’t look too much better for the future. Cybersecurity Ventures’ report for 2020 estimates that total cyber crime damages for this year will exceed $6 trillion, of which ransomware alone will cost $20 billion.
It’s also important to note that these figures only include the costs that are reported by businesses (and other impacted organizations). In reality, the cost of ransomware is much higher – partially because some organizations simply pay ransoms without reporting that they have done so, and partially because the cost of ransomware is not limited to just the cost of the ransom paid; it also includes the cost of lost company productivity, brand damage, and of course remediation costs, which can be significant.
Combine all these factors, and it’s clear that we are facing an unprecedented challenge in 2021. The importance, efficacy, and frequency of ransomware have been increasing every year for a decade, but as the final numbers come out for 2020, it’s also becoming increasingly apparent that the last year has been a portent of things to come.
As many sources are reporting, 2020 may have seen the most cyber attacks of any year on record, and by a fair margin. This is largely because so many people started working from home this year, and the advent of this shift was so sudden that companies were left desperately searching for ways to mitigate attacks in the COVID-19 era.
Ransomware was no exception to this shift, and in fact, ransomware operators might just turn out to be one of the only beneficiaries of 2020. With more money and support than ever, ransomware developers are entering a golden age, just at a time when the rest of us are suffering the economic consequences of the pandemic and the lockdowns.
Given that, it’s not hard to predict what is going to happen – unless we all get a lot smarter, and quick, the ransomware pandemic is going to get worse as we move through 2021.