As 2015 comes to a close, we look back on a year that literally reshaped the malware landscape mostly due to the emergence of multi-layered threats and ransomware. Much of our research and extensive collection of malware threat examples gives us a glimpse of what we should expect in 2016.
While we don't have a clear crystal ball revealing precisely what 2016 will bring, we have clear peak as to what will be the upcoming prevailing threat types.
The top trending threats for 2015 were several multi-layered attacks and a multitude of ransomware threats. Among the multi-layered threats, we saw many instances of DDoS attacks where many have evolved to take months before enterprises are able to seek out and stop such attacks. Due to the extra time it takes to combat recent DDoS attacks, the perpetrators have allotted themselves additional time to crack locks on whatever they are attempting to discover on a company's network.
DDoS, aptly known as Distributed Denial of Service attacks, is an instance where hackers or cybercrooks target a system and flood its server with an excessive amount of traffic or bandwidth to the point that the system crashes or is unable to fulfil its normal requests from the internet or a network. In some cases, the result of a DDoS attack compromises a targeted system used in conjunction with a botnet infection to later send instructions to a system that is essentially taken over by remote attackers.
The results of most recent DDoS attacks that we have seen have ended with the relinquishing of private data or exposing information taken directly from an attacked server. To name one prevalent situation, we only have to go back a few months to the Ashley Madison hack, which took on a life of its own where hackers were hell-bent on publicizing users of the secretive affair service.
When it comes to ransomware, 2015 has been an eventful time where we saw countless threats evolved from the traditional sense of ransomware to an aggressive threat that encrypts files and data on infected systems. The many new ransomware families, most encompassing the ability to encrypt data and sell a decryption solution, have been quite the money maker for cybercrooks. Use of threat notifications giving computer users the sole option of paying a ransom fine of $50 to nearly $2000 in some occurrences has made crypt-ransomware threats one of our main focuses for solving during 2015 and into 2016.
To this date, crypto-ransomware threats, such as CryptoLocker, CryptoWall, and VirLock, remain to be the most difficult malware threats to remove from a PC. For those very reasons, we expect ransomware and encrypt-type ransomware threats to be prevalent during 2016 just as they were in 2015.
The prediction of trends for cybersecurity threats has never been a full-proof concept. However, we believe through our experience in 2015 we can decipher that multi-layered attacks and ransomware is here to stay through the year 2016. Guard yourself accordingly.