Why Is Ransomware So Successful?

Ransomware attacks are surging because attackers have perfected their techniques while enterprises in all sectors have failed to address critical security shortcomings, says Raimund Genes, CTO at Trend Micro.

"It's the rise of anonymous money transfer services using TOR, bitcoin and other means that the bad guys have perfected," Genes says in part two of an interview with Information Security Media Group. "Anonymous stuff today like Ukash, Bitcoin, iTunes gift cards and the dark web make it very difficult to trace the attacker."

In addition, cybercriminals can turn to ransomware-as-a-service to easily launch their campaigns, which Genes predicts will continue as long as enterprises pay ransoms.

Security Shortcomings

So many enterprises are vulnerable to the attacks because they've failed to take the necessary security precautions, including offline backups, he says. "Everyone moved away from offline backups with three copies in two independent places. This was the golden rule a few years ago. It seems that with cloud and online backups, people have totally forgotten about it."

Other essential security steps that are often skipped, Genes says, include network segregation and segmentation as well as a comprehensive risk management plan. This could be because enterprises are too focused on protecting themselves against so-called "APT" attacks, he argues (see: Moving Beyond the Buzzwords).

"Companies spent so much time and effort on silver bullets against APT that ransomware seems to have caught them by surprise," he says. "Ransomware is a reminder that basic security should not be forgotten."

In this interview, Genes also shares his perspective on the controversy over VirusTotal, the malware database service from Alphabet's Google. New rules set by VirusTotal will exclude security vendors for not sharing data. Genes spelled out key concerns in a recent blog (see: VirusTotal Move Stirs Conflict in Anti-Virus Market). He also addresses:

- The ransomware ecosystem and its persistent nature;
- How defenders have fallen short (see: Targeted Attacks Becoming the Norm);
- Action that enterprises should be taking to battle the ransomware threat.

In part one of this interview, Genes spoke about the latest trends in the security marketplace.

Genes has more than 30 years of computer and network security experience. As CTO at Trend Micro, he is responsible for working with a team of researchers to introduce new methods to detect and eradicate threats and to predict movements in the digital underground.