Ransomware attacks grew the most in 2017 with nearly 50 percent occurrences than in 2016 and many businesses and individuals in Nigeria experienced them for the first time in the same year, according to Deloitte Nigeria’s Head of Cyber Risk.
In Tweet Chat with hashtag #NigeriaCyberOutlook2018 conducted by the company, Tope Aladenusi, highlighted the latest trends and challenges that face cyber security in Nigeria and around the world.
Ransomware is a form of malware designed to restrict user access to a computer system until a ransom is paid, he noted.
Aladenusi likens the attack to ‘cyber-kidnapping’ while noting that unlike most malwares, Ransomware targets the owners of data by holding their computer files hostage typically by encryption until a ransom is paid.
Attackers that use Ransomware have different motivations all of which is underlined by the need for profit.
Over the years, the trend has changed with attackers focusing on specific campaigns to guarantee maximum profits. The biggest Ransomware attack in 2017 happened in May 2017 when the ‘WannaCry’ hit the web.
WannaCry is a so-called encryption-based Ransomware that encrypted users’ files using AES and RSA encryption ciphers meaning the hackers can directly decrypt system files using a unique decryption key.
The attack, according to Aladenusi, affected major organisations such as National Health Service in the UK, European countries as well as some organisations in Nigeria.
“Security experts have described Ransomware as the go-to method of attack and the “epidemic of our time.” Unfortunately, this trend of Ransomware attack is expected to continue in 2018 given the relative ease in which the attack could be set up and the attacker could quickly cash in,” he said.
Ransomware is also expected to grow in 2018 because the code or the malicious program can easily be bought online by anyone and used to render an organisation or any target captive.
“It is also expected that Ransomware in 2018 would start to target other platforms apart from desktops and laptops; majority of the attacks in the past were on systems running Windows operating systems. It is expected that there would be a shift and Ransomware would also be developed to attack mobile devices especially those running on the Android platform,” Aladenusi said.
He noted that a business without proper security or a fail-safe in the event of a Ransomware attack may fall victim and have no choice but to pay the ransom to the attacker. Payment is often in currency that is difficult to track, like bitcoin.
