Where We’ve Been
We’ve written extensively this year about the explosion of ransomware. We thought 2020 was bad enough with a 350% increase in ransomware in two years, but then the SolarWinds hack hit and changed the game.
Ransomware evolves. As new technologies come out to beat it, ransomware changes its face. At first, we could back up files and create copies of our harddrives. This meant that, even if we were hit, we could wipe our machines and restore them.
Then ransomware changed by encrypting and downloading files. You may have been able to restore your machine, but the criminals had the data. If you wouldn’t pay, they’d publish your private information for all the world to see. This has been the most popular delivery method this year.
But then the game changed again when hackers found their way into digital signatures. Digital signatures are a way for a software publisher to sign a creation so every update doesn’t have to be individually whitelisted. If the signature is compromised, even the most advanced AV system won’t catch it. It’s the most aggressive form of ransomware we’ve seen yet.
2020 brought us a lot, but two ransomware evolutions weren’t on the docket!
Where We’re Going
The idea that ransomware has evolved again is scary. But the good guys are ready. 2021 is going to see huge advancements in cyber protection. This doesn’t mean you should be lax about your security. It also doesn’t mean cybercrime is going to slow down.
Just the opposite. I think we’re going to see an increase in cybercrime and criminal attempts. What needs to change, however, is the way we handle the aftermath of cyberattacks.
PC Matic CEO Rob Cheng is a huge advocate for transparency in cyberattacks. He equates it to the black box in airplanes. We’ve been able to increase the safety of planes by learning from what went wrong.
Unfortunately, there’s still too great a stigma on ransomware attacks. Companies are afraid to admit they’ve been hacked. If they can’t admit to the hack, and show us how it may have happened, we can’t learn.
Cyber gangs are evolving their attack methods. Our protections need to be able to stop them. The more education AV creators have, the better the protection will become. It’s time to demand transparency.
It’s also time to reevaluate our security plans. Cybersecurity is a living creature. It needs regular maintenance, care, and attention. The more attentive we are to our security plans, the better they’ll work for us.
As I sit here at my desk this New Year’s Eve, I can’t help but look back over what has been a behemoth of a year. We might emerge into 2021 a little battered and bruised, but we made it. Instead of hoping for a better 2021, let’s work together to make it that way.
Happy New Year!
1,847 total views, 2 views today