Ransomware attacks can be a nightmare for individuals and businesses alike. They usually involve cybergangs threatening to publicly publish their targets’ data if a ransom isn’t paid.
My company, Avast, expects these threats to grow in 2023. This puts people’s personal memories at risk and poses a double risk for businesses. Both a loss of sensitive files and a data breach can have severe consequences for an organisation's reputation.
For businesses, successful ransomware attacks can quickly ramp up to millions of dollars in recovery costs caused by a pause in operations, reimaging devices and incident response programs.
This can extend to operational costs, with the likes of hospitals not being able to conduct surgeries or factories halting their production.
New global sanctions introduced this year could put enterprises affected by ransomware in a sticky situation, as they face potential prosecution if they pay ransom demands to groups listed on sanctions lists, for example, ransomware groups based in Russia.
People's worst fears
We’ve been living in a scamdemic for some time now, and there are no signs of a slowdown.
Cybergroups go to many lengths to tap into people’s worst fears to deceive them into sending money or giving up personal data because it is easier to make them feel vulnerable than to hack their devices.
We expect to see attacks playing with people’s economic and environmental concerns this year.
Scams are not just flooding people’s inboxes with phishing emails, but are also bombarding their text messaging apps, and keeping their phones ringing.
With constantly improving techniques, the person becomes the weakest link. One trend expected during 2023 is the takeover of social media accounts leading to impersonation attacks on online friends.
Avast's researchers have predicted that the already professionalised business of cybercrime will become more sophisticated.
Cybercrime groups Zloader, Racoon Stealer and Ursnif came together this year to take advantage of each other's specialisations and to support one another and maximise profits. We anticipate this kind of cross-group collaboration to continue.
In addition, over the summer, Lockbit 3.0 became the first ransomware gang to offer a bug bounty program, and others will likely follow suit.
Bug bounties allow third parties to report new product vulnerabilities to software companies in return for an award.
In typical cases, this helps organisations to make their software secure, protecting themselves and their customers from cybercriminals exploiting vulnerabilities.
In this case, however, people are being enticed by a malicious group to help make its ransomware efforts more robust.
Cybercrime has been a growing business for years, but we have started to see open-source malware become more readily available and distributed on platforms like Discord.
People, including young people with less technical knowledge, can now get their hands on malware and may be more inclined to join the dark side given current economic hardships.
We have also seen criminal groups recruiting and paying people money to carry out distributed denial-of-service (DDoS) attacks or to install ransomware on their employers' devices, for example.
Not only will we see more malicious activities, thanks to software as a service (SaaS), the distribution of software to carry out DDoS attacks, and easily accessible open-source malware, but these could be stepping stones towards a career as a cybercriminal.
How to protect yourself against scams
- Research companies and websites before buying. No matter how urgent the offer may seem, or how badly you want the item or service, do your research first. Read the website’s corporate information, terms of service and privacy policy – many scam websites will have basic versions, if anything at all. Look up customer reviews and see what other people have to say.
- Pay with a credit card. Compared to debit cards and bank transfers, credit cards are far more secure. Your credit card company is on your side when it comes to fraud. When you’ve been ripped off, chargebacks are your friend.
- Never download attachments or click links from unknown contacts. Scammers can use attachments and websites to infect your computer with malware. For example, trojans often slip onto devices while disguised as harmless attachments, and those can then bring rootkits, spyware or adware with them. Some malware will just show you ads, but others can be far more damaging.
- Keep personal information to yourself. Do you know how many websites ask you to answer a series of security questions in case you need to recover your password? Remember which information you’ve set as security measures, and don’t share it. Otherwise, scammers can answer your security questions with ease. Of course, this also applies to things like login credentials and account numbers.
- Secure yourself online. If a website offers two-factor authentication, use it. It’s not bulletproof, but it’s better than nothing. Use strong, unique passwords on the websites you frequent, and store them more securely with a dependable password manager.
Ways to prevent ransomware
- Keep your software updated. Making sure your OS and apps get new updates as soon as they’re released will plug security holes and prevent hackers from using exploits to deploy ransomware.
- Back up your system regularly. Ransomware typically gains its power from blocking access to important files. If you have the files backed up safely elsewhere, your chances of losing them to ransomware are reduced. Perform regular backups of your system and files – cloud services and physical storage are both viable options, and you should use both if you can. If your device lets you set an automatic backup schedule, do that as well.
- Use an ad blocker. Load up your browser with an ad blocker to shield yourself from malvertising and drive-by-downloads – two ad-related ways ransomware can make its way into your system.
- Be sceptical. Be wary of strange links sent in emails or on other messaging platforms. Even if the link comes from someone you know, they could have been hacked. Learn the signs of unsafe websites and avoid visiting them.
- Use an antivirus. Ransomware can hurt you only if it can reach you. Employ a robust cybersecurity app that helps block malware and viruses before they can get anywhere near you. Avast One helps block unsafe links, sketchy downloads, and unsecure websites.