Ransomware, including the infamous file-encrypting Cryptolocker, posed a major threat in 2013. But this cyber-crimewave could get much worse in 2014. That’s because cybercriminals are plotting to create new ransomware using automated malware kits.
The widespread Cryptolocker ransomware has been responsible for thousands of infections worldwide, raking in millions of dollars for its creators. Users whose PCs get infected by Cryptolocker have all their files taken hostage by this file-encrypting ransomware, which uses very strong encryption to scramble their files, including photos and documents.
The Cryptolocker gang demands a payment of about $300 in untraceable bitcoins in exchange for the encryption key to unlock the files, although there is no guarantee that they will follow through with the deal once the ransom is paid.
Now, other criminal gangs are looking to get a slice of the pie, according to James Lyne, Global Head of Security Research at Sophos. Documents spreading online indicate that cybercriminals are hoping to create a ransomware crime kit to generate new variations of the malware, James explains in an interview with BBC News.
If that happens, new variants of ransomware can be created by anyone who buys the crime kit, without any special expertise.
Although file-encrypting ransomware is not new, Cryptolocker has raised the bar. “Cryptolocker is very much a deviation from the norm, and I actually think it is a sign of things to come,” James tells BBC News.
How to stay safe from ransomware
Sophos protects our customers against Cryptolocker and other ransomware threats. Watch the video created by our Support team to learn more about how Cryptolocker works, and what happens when Cryptolocker infects a computer. You can also download our recent whitepaper on ransomware (registration required).
Security trends in 2014
To stay ahead of the threats, SophosLabs experts are looking over the horizon for new trends in cybercrime. In 2014, our experts are predicting that cybercriminals will diversify and specialize malware to attack all kinds of platforms, from cloud services to social networks and the so-called Internet of Things.
To prepare yourself for what’s coming in 2014, read up on the top 10 security trends we’ll be watching in the coming year.