By: Tomer Weingarten, CEO & Co-founder, SentinelOne

Over the last few years, ransomware has become one of the most feared cyber threats of all. For this year alone, the FBI forecasts an overall loss of $1 billion caused by Trojans that encrypt files on their victims’ computers and demand a ransom payment to restore them. Just a few months ago, the ‘Locky’ ransomware caused a lot of trouble in Germany, as the crypto Trojan not only spread very rapidly (5,000 new infections per hour) but also infected renowned companies and clinics. So what is the reason for this enormous increase in ransomware attacks over the last few years, and why are many ‘protective’ solutions unable to detect or prevent infection?

The power of Hacker Networks
The professionalization of the hacker scene has been a crucial turning point – the era of an individual hacker sitting in an obscure backroom has long passed. Although there are still perpetrators acting in isolation, the most harmful hackers are often part of a larger network. Well trained, equipped with excellent tools and provided with adequate financial resources, modern hackers are more like a well-organized swarm of ants that leaves nothing to chance.

This is precisely what makes modern cybercrime so dangerous. While the damage caused by an individual can be manageable, a larger hacker network has a better chance of overcoming the obstacles to its objectives, thanks to its combined power. It is therefore no surprise that an increasing number of individuals, companies and authorities are falling victim to ransomware attacks.

Ransomware and the Internet of Things
It’s not just the professionalization of the hacker scene that encourages ransomware attacks. The growing digitization that comes with the IoT era we find ourselves in also increases the risk of becoming a victim of cyber blackmailers.

Imagine waking up one morning and discovering you need to pay a hacker $300 in order to start your car. This sounds bizarre but is quite possibly something we could experience in the future. In a world where the items we use become more and more connected – from cars to lightbulbs to pacemakers – new avenues of attack are opened. Every IoT device – or rather its user – represents a new possible victim.

It’s worth noting that the increasing number of connected devices isn’t the main problem with regard to IoT security. IoT devices are often missing the necessary built-in security protocols – be it for cost reasons, limited processing performance or other constraints – and are therefore a risky business. In the case of smart production plants, connected cars or connected medical devices, a ransomware attack can soon lead to financial or life-threatening disasters.

When Security Barriers fail
Today, cybercriminals and the ransomware they use are smarter and more effective at disguising themselves. As a result, a large number of security products are rendered useless because they cannot react to these next-generation threats. Many vendors still rely on traditional signature-based techniques, which do not offer adequate protection against the ransomware we are seeing today.

IT security researchers agree that, in the long term, ransomware attacks will be a prevalent threat for individuals as well as enterprises and public authorities, with the success of an attack depending on the capabilities of the security technologies in place. Anyone who blindly continues to rely on traditional signature-based protection will most likely suffer. Successful malware detection requires a proactive approach to endpoint security that is powered by machine learning and intelligent automation to effectively detect and block even the most sophisticated and stealthy malware.