New Cisco Report Reveals Vulnerabilities to Ransomware

In the world of cybersecurity, experts are constantly working to find ways to bulk up defenses and foil attackers, fighting the good fight to ensure the safety and protection of our most sensitive data. Despite some recent encouraging developments, optimistic projections and new methods to effectively protect against ransomware, Cisco’s newly released 2016 Midyear Cybersecurity Report (MCR) may have put a bit of a damper on things. The report, released on Tuesday, states that more sophisticated versions of ransomware may be on the horizon, and that organizations may not be fully prepared.

The report paints a pretty dismal picture of the current state of security. Even with the strides being made in terms of threat detection and security, there are still far too many cases of poor, unfit defense infrastructures out there, causing hackers to salivate and sharpen their knives. Instances of outdated software, errors in code, sluggish detection rates and other vulnerabilities are the primary culprits, leaving organizations and individuals even more exposed and susceptible to attacks as ransomware bugs become more and more advanced.

The report focused predominantly on ransomware, calling this predicted, more advanced version “Ransomware 2.0.” An appropriate name, as this “new and improved” form of the hostage-taking malware is said to be a faster, smarter, more fluid and more resilient version of its former self – a virtual Lord Voldemort.

“As organizations capitalize on new business models presented by digital transformation, security is the critical foundation,” said Marty Roesch, vice president and chief architect, security business group, Cisco. “Attackers are going undetected and expanding their time to operate. To close the attackers’ windows of opportunity, customers will require more visibility into their networks and must improve activities, like patching and retiring aging infrastructure lacking in advanced security capabilities.”

At this stage, most ransomware attacks can be thwarted with solid backup practices, but it’s looking like that may not last much longer. “Future ransomware attacks will evade detection by being able to limit CPU usage and refrain from command-and-control actions,” the report states. “These new ransomware strains will spread faster and self-replicate within organizations before coordinating ransom activities.”

For the time being, backup continues to be the best defense against ransomware attacks. Looking ahead, however, it will be imperative for folks to zero in on their networks and install upgrades and necessary patches faster than you can say “hacker.”