It may be a new year, but cybercriminals are expected to reach into their same old bag of tricks in 2018 to steal sensitive data. However, certain types of subterfuge are poised to become more common, with ransomware attacks chief among them.

According to MIT Technology Review – as well as several other hi-tech information and awareness websites – ransomware incursions will likely proliferate in 2018, affecting both small businesses as well as large organizations.

Appropriately titled, ransomware is a particularly pernicious variety of attack that wrests control of computer systems from users. Though there are several ways in which ransomware plots are carried out, they're usually done through deception by tricking users into believing they're downloading a benign file that is actually malicious software, effectively hijacking the system and decrypting it. The only way for users to regain control is by paying the ransom the originator of the attack demands.

In addition to MIT Technology Review warning about the potential for ransomware attacks to intensify, eWeek issued a similar advisory.

"Ransomware will continue to plague organizations with 'old' attacks refreshed and reused," warned Andrew Avanessian, chief operating officer at Avecto, a Massachusetts-based software management and security firm. "The threat of ransomware will continue into 2018."

"More than 250,000 computers were affected by the WannaCry virus."

Avanessian referenced that perhaps the best examples of ransomware's impact in 2017 were the WannaCry and NotPetya viruses, which targeted Microsoft Windows operating systems through the use of a cryptoworm. All told, more than a quarter-million computers in 150 countries were adversely affected by the contagion, with economic damages in the billions.

Over 1 in 4 ransomware events struck businesses in 2017
Although ransomware doesn't discriminate – everyone has the potential to be exploited – business owners are increasingly the main targets. Last year, for example, more than a quarter of ransomware attacks – 26.2 percent – impacted companies, according to Kaspersky Lab. That's up from 22.6 percent in 2016. What's more, nearly two-thirds of ransomware victims lost a "significant" amount of data, with 1 in 6 never regaining the information stolen, despite their paying the ransom.  

"Ransomware attacks will continue to grow at double-digit rates," Gartner analyst Avivah Litan told Security Boulevard. "I think we'll continue to see the growth of mass ransomware attacks against corporations and large institutions rather than small victims."

Illustration of ransomware in binary code. Ransomware attacks aren't expected to slow down in 2018.

Many small businesses forced to closed after attacks
But this is hardly an indication everyday consumers and small-business owners are in the free and clear, because if they're attacked, the fallout can be devastating. Of the 33 percent of small and medium-sized businesses that went through a ransomware attack last year, approximately 22 percent folded, based on survey estimates performed by Osterman Research on behalf of Malwarebytes.

"Businesses of all sizes are increasingly at risk for ransomware attacks," advised Marcin Kleczynski, Malwarebytes CEO. "However, the stakes of a single attack for a small business are far different from the stakes of a single attack for a large enterprise."

Despite ransomware and other viruses making the rounds, many Americans remain unaware about how they can protect themselves on the internet. Only 20 percent of respondents in a Pew Research Center study correctly answered 8 out of 13 questions that quizzed participants on their cybersecurity acumen. And just 1 percent finished the test error-free.

Cloud 9 has the resources businesses can use to identify and defend potential vulnerabilities and keep their payment processing software secure. Contact us to learn more.