ransomware_continues_to_evolve_don

“What’s old is new again.”

The simple truth is that tastes and trends seem to repeat. We’ve seen it countless times in the world of fashion, and now, we’re seeing a similar trend in the security arena.

Over the past year or so, cyber-criminals around the world have come to rely increasingly on a type of malware called “ransomware,” which encrypts all the files on your computer, requiring you to send money (typically in the form of Bitcoin) if you want your files unlocked.

Before ransomware became the latest threat, however, there was “RansomLocker”.

This malware is similar in its intent, but much more primitive. It doesn’t actually encrypt your files, but rather, simply locks your computer so that you cannot access anything. The idea is the same, of course. If you want access to your computer again, you’ll pay the ransom demanded. The problem, however, is that unlike modern ransomware, a savvy IT professional can generally get around RansomLocker software by using “rescue discs” and the like, making it of limited use to cyber-criminals who are looking to cash in on their talents.

Recently, however, RansomLocker software has been showing some signs of resurgence. Security professionals have begun to see it popping up in places again, although it is unknown if the criminals are simply using the malware as a kind of test dummy to test antivirus detection rates, or whether this is a sign of some new (or rather, renewed) attack vector to come.

One thing that is known for certain is that this old-but-new-again type of malware has been given some significant upgrades that make it both harder for antivirus software to spot, and allow for undetected communications between the criminals and the infected machines, thanks to the fact that the malware makes use of the Tor anonymizing network, making it virtually impossible for IT security pros or law enforcement to track the authors down.

What this means for the future is anyone’s guess, but one thing you can be sure of is this: Old attack vectors never go away completely. You might not see them for a while, but they’ll be back, and when they return, they’ll come bearing upgrades that keep them dangerous.

Get The Latest Healthcare Security and Compliance News Sent Directly To Your Inbox

Fill In The Form Below for industry news, information about our services, events, webinars and more.