With increasing ransomware activity in Europe, US, and Canada, Symantec expects it to spread to regions such as Australia, as well.
This observation comes the way of a recent whitepaper by the security vendor, titled Ransomware: A Growing Menace, which found limited ransomware activity in Australia, but expects it to grow in 2013.
Symantec Pacific region specialist solutions director, Sean Kopelke, said ransomware itself is nothing new and has been around since 2009, but points out it was not heavily used back then.
“When we look at the cyber crimals, who are more and more monetary driven, malicious malware in the past was created more to annoy us,” he said.
“We’ve seen that move to a monetary focus from the type of malware they are creating.”
A common trick employed has been the fake antivirus scenario, which entails sending a message to the user, making them aware something is wrong with their machine, and then offering to fix that.
“That has been an ongoing problem for all security vendors, though it has been addressed well and the market is starting to understand and identify those types of malware attacks on their system,” Kopelke said.
This shift to ransomware consists of a similar business model, where the hacker sends something to the user and gets them to emotionally react to a scenario quickly, such as a small payment to take care of it.
Kopelke said there are requests for payments as small as $10 to $15, all the way up to the hundreds of dollars.
“They do that by making people feel as if they have to do that as soon as possible,” he said.
One method used for ransomware is to make it look like the messages are being sent by law enforcement.
“We’re seeing scenarios where they are convincing the user that law enforcement has identified the browsing of illicit material online and then locks their device,” Kopelke said.
That is what ends up forcing the action on the user’s end, as the ransomware is able to lock and stop the use of the system.
“The only thing they can do is make a payment to unlock those systems,” Kopelke said.
New world order
In addition to the ransomware observation, Symantec has also made several predictions for the security space for 2013.
For one, Kopelke says there is going to be more activity in the social network space.
“For the last year of two, we have already been seeing some of the scams that are coming into social networks, encouraging people to click on links and follow through to things,” he said.
The way that hackers are generating revenue is by getting users to click through to certain web sites.
“What we’re seeing is a lot of major social network players are now integrating payment methods into their systems, so that is going to raise another target point for hackers to focus on,” Kopelke said.
Symantec expects conflicts between nations, organizations and individuals to predominately take place in the cyber world in 2013, as well as a spike in malware as companies seek to drive mobile ad revenue.
When it comes to security threats, Kopelke said Symantec is a “great believer in following the money.”
“As people start moving more and more to their mobile platform, to using more devices and interacting with Cloud applications, we’re going to see more targeted threats going into those environments,” he said.
“Hackers are going to start exploiting security risks on mobile devices, but also financial and credit information in there, so that whole area of malware focused on the mobile device will continue to be a big shift.”