You may have read about it already — the next global ransomware attack is projected to cost almost two billion dollars. There are also reports claiming this attack will likely exploit cyber-weapons from the U.S. government. Both of these claims are frightening and generating public concern. It is because of this concern, I decided to address this topic — but likely not how you will read about it elsewhere.
This is Old News
For those who don’t know, there have already been global ransomware attacks. The first, deemed WannaCry, exploited EternalBlue, vulnerabilities known by the NSA to use as a “cyber-weapon”. The total costs associated with WannaCry reached approximately $4 billion. To be fair, that’s a far reach from the projected $193 billion of the next attack. However, hackers have continued to advance their attack methods since WannaCry was released, meaning it’s not unrealistic to expect a higher financial loss for future attacks.
The Next Attack
Experts have suggested the next global ransomware attack will be sent via email. The victim would then open the email and click on the attachment. Upon clicking on the malicious attachment, the user would begin installing the malware. Sound familiar? It should — most ransomware attacks are distributed in this exact same manner. Again, this is not new news.
One of the bigger fears generated with this projected attack is the malicious email spreading through the contact list of the original victim. This in itself could be incredibly problematic, as it would allow for the ransomware to spread at an epidemic level. Think about this for one second. You get an email, and once you open it, it gets redistributed to all of your contacts. If only a fraction of them open it, it will still continue to spread to all of their contacts, and so on. This is a big, scary problem — but far from new news. Cyber attacks have used this method of distribution before.
Silver Lining
Although there may be another global attack in the works, it’s not projected to use a new, never before seen way, to infect users. This is good, considering there is a way to prevent this form of malicious attack. To avoid infection, use of an application whitelist. A whitelist will only allow for known, safe programs to execute. Therefore, the malicious attachment would not download to the device, nor would it have the opportunity to spread throughout the network if this was in a business setting. Again, this isn’t new news. Several major government entities have encouraged the use of application whitelisting to keep data and devices secure from modern cyber threats. You may have even heard about application whitelisting in our blogs before! 🙂
Conclusion
Global ransomware attacks have already occurred. These attacks also used malicious emails to distribute ransomware. Historically, malicious emails have also spread throughout victim’s contact lists — not always, but it has happened. None of these threats are new. Analysts are merely theorizing how the hackers could successfully execute another global attack by pairing the latter two.
The best method to prevent falling victim, application whitelisting, is also not a new theory. However, now that users know the potential damages of the next global cyber attack, they may be more apt to focus on a preventative approach. So our question is, now that you know what may be coming – what are you going to do about it?
