Ransomware: Is the worst yet to come?
Data hostage-takers are innovating quickly, Raytheon experts warn
The WannaCry ransomware attack may be just the start of a new wave of hacks-for-hire, Raytheon cyber experts warn.
Ransomware is on its way to becoming a $1 billion market, and attackers are quickly finding new ways to exploit its reach, said Michael Daly, chief technology officer at Raytheon Cybersecurity and Special Missions.
“Gone are the days of simple annoyance with viruses and worms,” Daly said.
WannaCry and other ransomware programs infect computers, search for important-looking data and then encrypt those files. The software then demands a payment to unlock the files.
Some ransomware users have introduced tiered payments, giving victims a choice of how much data to free, said Josh Douglas, chief strategy officer for Raytheon Foreground Security. Others are attacking specific users in return for a cut of the profits, a model known as ransomware-as-a-service.
Some attackers have even introduced “affiliate programs,” encouraging victims to infect their friends in return for a decryption key, Douglas said.
Raytheon has been tracking WannaCry since it first began spreading across Europe in May 2017, and experts at Forcepoint Labs have been posting technical information about the worm on their blog. The worm appears under various names, including WCry and WannaCrypt0r 2.0.
Criminals have been working quickly to counter efforts by governments and businesses to stop the spread of the worm. For example, they issued a new variant of WannaCry that disabled a “kill switch” feature used by cyber defenders.
Last Updated: 05/26/2017