From SMEs to major firms, how will ransomware attacks evolve this year?

31 Jan 2019

Image: © paul_burns/

Ransomware is a growing threat to businesses, but there are steps you can take to protect your enterprise.

Ransomware attacks are on the increase, with the US Department of Justice describing the threat as a new business model for cybercrime. According to Cybersecurity Ventures, a business will fall victim to a ransomware attack as often as every 40 seconds.

Considering how the problem is evolving, it can seem difficult to figure out where to begin chipping away at the issue. Sash Sunkara, CEO and co-founder of hybrid cloud management platform RackWare, and Todd Matters, RackWare’s co-founder and chief architect, spoke to about what is in store as the year rolls out.

10 ransomware predictions for 2019

No enterprise will be exempt from a ransomware threat

According to Sunkara, enterprises of all sizes underestimate how vulnerable they are, but they can’t afford to make this mistake in 2019. “When businesses don’t believe they’re a target, they don’t feel the need to put systems and processes in place to ensure they would survive an attack. And the worst time to start thinking about it is when your business is in a state of emergency.”

The next few attacks will be more sophisticated

Sunkara added that ransomware is still a concern for good reason. “We’ve really only seen the first wave of these attacks. Enterprises have put process in place to protect themselves in the wake of that initial wave, but we’ve yet to see the worst of what these attacks can do.”

She added that threats only become more aggressive, predicting a greater need for enterprises to explore more sophisticated solutions.

Concerns will heighten around cloud security

Businesses will become more aware of the importance of securing their cloud environment, Matters says. “In general, clouds are as secure, if not more secure, than most data centres. But they have the same vulnerabilities that data centres do.

“As ransomware threats become more sophisticated, cloud providers will need to continue introducing protective measures that won’t leave clouds susceptible.”

Cloud providers’ efforts will only go so far

As Sunkara explains, “When you migrate your workloads to the cloud, the duty of managing a physical data centre, boxes or a network goes away.

“But managing your applications, monitoring performance and maintaining a level of security is shared responsibility between the cloud provider and enterprise IT.”

Cloud providers supply infrastructure, but it will be up to enterprise IT groups to make sure they have higher levels of security in the year ahead, Sunkara warned. “If you don’t have the right protections in place for your business, it’ll only hurt you. A service provider could walk away at any time.”

Stealthier tactics will bring some enterprises to ruin

Matters told that RackWare has worked with plenty of IT teams that believed if they were hit with ransomware, they would know about it right away. “Unfortunately, businesses that still share this belief will experience data compromises in 2019. The truth is that these threat actors are smarter than they’re given credit for, so intrusion detection and protection solutions aren’t optional.”

False positives will trigger uncertainty

Enterprises are beginning to implement safeguards, but those won’t be effective if the alerts aren’t reliable, Sunkara said. “If threat detection solutions regularly flag every small thing, IT teams will eventually stop paying attention – putting them and the data they’re protecting at greater risk.

“Organisations will want to make sure they have a smart system that flags when something is really wrong versus sending out a high volume of false alarms.”

Backup and protection plans will fail

Enterprises that have protection or disaster recovery plans in place will still succumb to a ransomware attack if they don’t routinely test or validate for their environment.

Sunkara explained: “You need to know what you’ll do when everyone’s looking at you and you’re losing money by the hour. You need to proactively determine what you’ll do in all scenarios so that you’re not scrambling when an attack brings your business to a halt.”

Enterprises will see what their cloud segmentation is made of

A good monitoring system is critical, but enterprise cloud setups will also need proper segmentation if they hope to survive an attack, Sunkara says. “Businesses will need to ensure that that an infection won’t impact their entire cloud environment in the event of a breach.”

The likelihood of attack will increase

As we become more connected and hackers become more motivated, the chances of your organisation getting hit will increase. “Threat actors are, unfortunately, making money off of these attacks and that’s driving them to keep evolving,” Sunkara said.

Security will rely on a mastery of the basics

It’s not all doom and gloom, Matters said. “If enterprises don’t have the right detection or backup measures in place, they’re not necessarily doomed.

“Mastering the basics is a good starting point. That includes investing in intrusion detection and protection.”

Exploring new technologies that can check for threats at different times and levels can also help mitigate new issues making their way into cloud environments.

Ellen Tannam was a journalist with Silicon Republic, covering all manner of business and tech subjects