We are going to see a greater

[Rakhirandiseo]

Corporate ransomware
Another potential tactic for criminals is to target corporate infrastructure. Restricting employees from using their PCs is bad, but allowing ransomware to get into critical systems can be extremely disruptive to businesses and extremely lucrative for criminals.

“ focus on the concept of corporate ransomware, where it will no longer target one specific PC, but will try to spread the infection throughout the organization and infect as many systems as possible,” says Dmitri Alperovitch, co-founder and chief technology officer of security company Crowdstrike.

This will certainly require more effort than creating ransomware that is randomly distributed via email, but will increase the monetary gain.

"It's unlikely that an organization will kazakhstan mobile database if the deal is worth a few hundred thousand dollars. I have no doubt," says Alperovitch, "that if the ransom is ten million, it will be paid. When your business is collapsing before your eyes and you're facing millions of dollars in losses, all rational considerations disappear, and if you can, you'll pay what's necessary, and the board and CEO will make that decision without any hesitation."

New network attacks
However, not every cybercriminal group will spend the time and resources to attack specific targets, and ransomware will continue to be distributed randomly through spam emails because that still works.

And, as the 2017 incidents demonstrated, their effect will be amplified by the use of SMB exploits like EternalBlue or EternalRomance, which help ransomware spread across the network with minimal effort.

Cybercriminals aren't about to forget about such exploits. Bad Rabbit once again demonstrated how many organizations simply ignore critical patches released more than six months ago, so that attackers can freely exploit recently discovered vulnerabilities, taking advantage of the carelessness of enterprises and users regarding installing updates.