The attacks of ransomware, a malicious software that infects users’ computers and hijacks their information and then asks for a monetary ransom, have left thousands of victims in 2017: the National Health System (NHS) in the United Kingdom saw how paralyzed phones were left and computers from 16 of its hospitals last May; the headquarters of Telefónica, located in Madrid, suffered a massive attack of this type that disabled their computers to later request a ransom in bitcoins, a virtual currency that allows online payments.
These were only two of those affected, since this ransomware, named WannaCry, managed to spread across all the continents in less than 24 hours, paralyzing the activity of companies and governments globally. The courier company FedEx, the Russian Ministry of the Interior or the manufacturer of Renault vehicles, among others, appeared on the list of victims.
However, WannaCry was just the prelude and a proof of concept of what was yet to come: Petya (or NotPetya), a professional virus with which the group of hackers responsible for the attack, ShadowBrokers, managed to knock down 5,000 systems at a stroke in less than 10 minutes.
The third major ransomware epidemic arrived in October last year. The cyberattack called Bad Rabbit infected several Russian media, the public transport system of Kiev and the Ministry of Infrastructure of the Ukraine, among others. The attack required victims to download and execute the virus, which came in the form of an installable Adobe Flash file.
2018 is not less dangerous, since everything points to the fact that ransomware attacks will increase and will be more sophisticated and creative. These cyberattacks will focus on critical infrastructures, mobile devices and the Internet of Things (IoT).
Threats against the IoT, or Internet of Threats, as some call it, will include variants of Mirai and BlueBorne. Let us remember that the malicious program Mirai marked a before and after in the history of cyberattacks, as it knocked down 900,000 home routers in Germany and interrupted the service of Facebook, Netflix, Spotify, Twitter, etc., for hours.
As for the extortion tactics employed by cybercriminals, such surprising innovations are expected as making a financial discount to the victims if they accept and manage to infect the computers of other users.
However, attackers will not use their enhanced methods of extortion only in ransomware attacks: false information dissemination campaigns by which those affected will be required to pay to stop them, or interruptions in the supply chain through the insertion of malicious software for victims to pay if they want to know its location and disable, will also pick up in 2018.
On the other hand, companies and users will increase the storage of data in the cloud, so it will also become one of the preferred targets of cybercriminals.
According to estimates from the Massachusetts Institute of Technology (MIT), ransomware aimed at cloud services from smaller providers; cyberattacks against electricity networks, transport systems and other critical infrastructure; and the cyberattacks aimed at altering the electronic electoral registers and the software used to collect and audit the results of the elections, will also be included in this year.
Advice for users
- If you use cloud storage services such as iCloud, Google Drive, Dropbox or any other, you should protect your multimedia files properly. To do this, it uses robust passwords with at least 8 characters, uppercase, lowercase, numbers and/or symbols; and enable two-step verification to add an additional layer of security when accessing your account.
- Fraudulent campaigns and identity theft by email, SMS and phone calls are the order of the day. If you receive a suspicious email asking you to take urgent action, such as verifying your personal or banking information, do not download the attachments or click on the links included in the email. Eliminate it and contact by phone with the company or organization whose identity they have supplanted.
- If you have devices connected to the Internet in your home (oven, television, refrigerator, surveillance cameras, etc.) you also have to protect them: disconnect them when you are not using them, disable unnecessary services to prevent access to them from the Internet, do not eliminate or modify the security measures that the device has by default, change the credentials that are predetermined and introduce strong and secure passwords, and keep the software updated.