Tabula Rosa Systems Blog Of 1/5/17 - Ransomware took in $1 billion in 2016--improved defenses may not be enough to stem the tide

Buy the books at

 www.amazon.com/author/paulbabicki
====================================================

=====================================

Ransomware is a very large problem in today's cyberworld. 

 Tabula Rosa Systems offers a great product from Attivo Networks which is a rock solid protection for ransomware attacks. 

For more information, please contact admin@tabularosa.net

++++++++++++++++++++++++++++++++++++++++++++++++++++++

Ransomware took in $1 billion in 2016--improved defenses may not be enough to stem the tide

According to a security expert who requested anonymity, ransomware cybercriminals took in about $1 billion last year

By Maria Korolov

Increased user awareness of phishing threats, better antivirus technology, more industry-wide information sharing and cross-border efforts by law enforcement authorities will combine to turn the tide against ransomware this year, according to some security experts, but others expect the attacks to continue to increase.

According to a security expert who requested anonymity, ransomware cybercriminals took in about $1 billion last year, based on money coming into ransomware-related Bitcoin wallets.

That includes more than $50 million each for three wallets associated with the Locky ransomware, and a fourth one that processed close to $70 million. Cryptowall brought in close to $100 million before it was shut down this year. CryptXXX gathered in $73 million during the second half of 2016, and Cerber took in $54 million, the expert said.

Smaller ransomware families brought in another $150 million, and the FBI has reported $209 million in ransomware payments during the first three months of 2016. In addition to this $800 million or so in known payments, there are many other Bitcoin wallets that are unknown to researchers and uncounted, pushing the estimated total to $1 billion for all of 2016.

"The $1 billion number isn't at all unreasonable and might even be low," confirmed Mark Nunnikhoven, vice president of cloud research at Trend Micro.

"It's getting difficult to track the amount of money flowing into criminals' Bitcoin wallets because they've started to try and hide the transactions across a large number of wallets," he added.

He said that there was a 400 percent increase in ransomware variants last year, and he expects to see a 25 percent growth in ransomware families in 2016.

"What we're seeing is a bit of a maturation in how to execute these attacks, so we're expecting a leveling off to a more realistic growth curve," he said.

But criminals will continue innovating because of how profitable ransomware is.

"I don't think we'll see the 100 percent growth that we saw from 2015 to 2016," said Allan Liska, intelligence analyst at Recorded Future. "I think we'll probably see a 50 percent growth."

The markets for stolen medical records, credit card numbers and email addresses are collapsing, he said.

"Not only is it taking a while to get paid, but they're not getting paid as much as they used to," he said.

Meanwhile, ransomware is an easy business to get into, the payout is immediate, and it offers an ongoing revenue stream.

"There's no incentive for them to discontinue ransomware," he said.

Some experts expect growth to be even higher.

Successful ransomware attacks will double this year, predicted Tom Bain, vice president at CounterTack.

"The reality is that every single customer I speak to, anyone in the industry really, this is their number one concern," he said.

Better defensive technology and collaboration will help, he said, but the problem is going to get worse before it starts to get better.

Gartner analysts estimate that there were between 2 million and 3 million successful ransomware attacks in 2016, and that the frequency will double year over year through 2019.

"I think they're right," said Bain.

But not all experts think the future is quite that bleak.

Raj Samani, vice president and CTO at Intel Security, predicts that anti-ransomware efforts will begin to pay off in the next few months.

"We'll see a spike earlier on this year, but then I anticipate our efforts with law enforcement to be successful," he said.

Intel, along with Kaspersky Labs, Europol, and the Dutch National High Tech Crime Unit formed an alliance this past summer, No More Ransom. Since then, more than a dozen other law enforcement agencies have joined up, including Bosnia and Herzegovina, Bulgaria, Colombia, France, Hungary, Ireland, Italy, Latvia, Lithuania, Portugal, Spain, Switzerland, and the United Kingdom. Several other security vendors have also joined up.

"Now that we've got more law enforcement agencies on board, and more private sector firms, we expect to see an increase in successful take-down operations," said Samani.

In addition to working together to bring down ransomware operations, the group also distributes free anti-ransomware tools.

That, combined with more user awareness about phishing and better detection technologies, will combine to stop the growth of this attack vector, Samani said.

"As an industry, we've started to develop new products, sandboxing, threat intelligence exchanges," he said. "It is getting better."

However, he warned that malware authors do have one significant advantage.

"There's an asymmetry of information," he said. "They have tools and services that will allow them to run their malware through all the anti-virus engines out there. They can install our products and they know how our products work because we openly talk about them. This is one of the big security challenges."

This story, "Ransomware took in $1 billion in 2016--improved defenses may not be enough to stem the tide" was originally published by CSO.

=====================================================================
 Good Netiquette And A Green Internet To All! 
=====================================================================
Tabula Rosa Systems - Tabula Rosa Systems (TRS) is dedicated to providing Best of Breed Technology and Best of Class Professional Services to our Clients. We have a portfolio of products which we have selected for their capabilities, viability and value. TRS provides product, design, implementation and support services on all products that we represent. Additionally, TRS provides expertise in Network Analysis, eBusiness Application Profiling, ePolicy and eBusiness Troubleshooting. We can be contacted at:

sales@tabularosa.net  or 609 818 1802.

 ===============================================================
In addition to this blog, Netiquette IQ has a website with great assets which are being added to on a regular basis. I have authored the premiere book on Netiquette, “Netiquette IQ - A Comprehensive Guide to Improve, Enhance and Add Power to Your Email". My new book, “You’re Hired! Super Charge Your Email Skills in 60 Minutes. . . And Get That Job!” has just been published and will be followed by a trilogy of books on Netiquette for young people. You can view my profile, reviews of the book and content excerpts at:

 www.amazon.com/author/paulbabicki

Anyone who would like to review the book and have it posted on my blog or website, please contact me paul@netiquetteiq.com.

In addition to this blog, I maintain a radio show on BlogtalkRadio  and an online newsletter via paper.li.I have established Netiquette discussion groups with Linkedin and  Yahoo.  I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and I have been contributing to the blogs Everything Email and emailmonday . My work has appeared in numerous publications and I have presented to groups such as The Breakfast Club of NJ and  PSG of Mercer County, NJ.

Additionally, I am the president of Tabula Rosa Systems, a “best of breed” reseller of products for communications, email, network management software, security products and professional services.  Also, I am the president of Netiquette IQ. We are currently developing an email IQ rating system, Netiquette IQ, which promotes the fundamentals outlined in my book.

Over the past twenty-five years, I have enjoyed a dynamic and successful career and have attained an extensive background in IT and electronic communications by selling and marketing within the information technology market.