Ransomware continues to skyrocket

Read time 3min 10sec
We will continue to see different organisations rolling out new products and tools to fight ransomware, says CSIR's Dr Jabu Mtsweni.
We will continue to see different organisations rolling out new products and tools to fight ransomware, says CSIR's Dr Jabu Mtsweni.

The fight against malware is virtually lost because malware is on the increase and we are falling behind. Info Security-magazine revealed that in 2015 there were around 430 million new malware strains globally.

This was the word from Dr Jabu Mtsweni, research group leader for cyber defence at CSIR, speaking at the ITWeb Security Summit 2016 in Midrand yesterday. Mtsweni explained that crypto malware is currently on the increase, with a 35% growth.

Although crypto or ransomware started in 2005, it has been skyrocketing from 2013 through to 2015 and we will continue to see different organisations rolling out new products and tools to fight it.

"American computer scientist John McCarthy once said the antivirus paradigm is dead and I agree with him because anti-viruses only depend on what they know. If they can't recognise a virus, they won't be able to fight it, and that's what the criminals are tapping into," he observed.

This explains why hackers are not only using this malware but they are also earning money by selling it on the dark web, he added. In today's society, he continued, criminals are selling cross-platform ransomware like the Java script ransomware which can run on any platform, from mobile devices to Apple Mac Books etc.

"However, now we have portals which allow hackers to create their own viruses in a matter of minutes. Cyber criminals are not stupid; they are always one step ahead.

"I don't think there is any single solution that can resolve the malware issue because most solutions only have a limited view of the type of malware they are fighting. It's either they are focusing on specific malware or some solutions are only talking to specific data sources.

The other problem that is coming to the fore now is that some of the anti-viruses that we see today are actually malware themselves. You find on Google play, an anti-virus being sold, but it's actually not antivirus but rather malware. You find people selling antivirus software or an app but it's actually malware, revealed Mtsweni.

"Hackers are adopting the same tactics that we are using as solutions, for instance they are applying corporate practices to steal the stuff from us. They are extensively resourced. They have technical people who are able to create these malware and reverse-engineer them at the same time," he pointed out.

"As much as app stores like Apple and Google are trying to fight malware, most malware is found in apps. From 2011 when Android was not that popular, the trend of malware is continuously growing.

Criminals use those apps which appear to be the most innocent, he explained. Most anti-virus software spends most time draining the battery rather than keep viruses away.

Most of the malware problems we have are self-inflicted; criminals would normally not enter into our systems if we were well-protected, he noted. One of the most critical things we need as a country, he advised, is capacity building.

"With so many people developing software, South Africans are good at developing software, but not many people are studying and analysing this software."

The key thing for us to be victorious is we need to win before we go to war, because we can't win when we are in there, he warned.

"Hence building the skill of malware analysis and secure software development is very important," he concluded.

See also