Ransomware dominated headlines in 2016. The continued rise of crypto-ransomware with variants like Locky, the attack on San Francisco MUNI and the increased volume targeting hospitals and healthcare centers make the point very clear: ransomware is here to stay. But what’s next? WatchGuard’s CTO Corey Nachreiner believes that a self-propagating version of ransomware – a “ransomworm” – will appear in the wild sometime in 2017.
In a recent Help Net Security column, Corey explains why he thinks cybercriminals will add self-spreading characteristics to ransomware next and what users can do to defend against ransomworms. Here’s a brief excerpt from the article:
“What do I mean by ransomworm? Years ago, network worms like CodeRed, SQL Slammer, and more recently, Conficker were pretty common. As you probably know, a worm is a type of malware that automatically spreads itself over a network, using either legitimate network file sharing features, or network software vulnerabilities. In the past, the fastest spreading worms – like the examples mentioned above – exploited network software flaws to automatically propagate through networks (whether the Internet or just your internal network).
Now, imagine ransomware attached to such a network worm. After infecting one victim, it could tirelessly copy itself to every computer it could reach on your local network.”
Read the full article on Help Net Security.