The previous chapters discussed how to handle today's ransomware threats. This chapter will discuss the future of ransomware and the possible defenses against it.

Future of Ransomware

For as long as I've been doing cybersecurity, I've been asked if I believe cybersecurity incidents will be better or worse in the coming year. Every year I predicted it was going to be worse, and I've never been wrong. The last few years have been particularly tough because it's pretty bad out there, and it's hard to imagine how it could get worse. Hackers and malware have long had nearly free reign over the Internet to hack and do maliciousness without fear of reprisal. A malicious hacker is almost more likely to be hit by lightning than to be arrested for a cybercrime. That might be a statistical exaggeration on my part, but you get the idea.

I remember back in 2019 as ransomware was taking down organizations including computer security companies as well as hospitals, police stations, and even multiple cities, thinking, “How could ransomware get worse?” And then it did. At the end of 2019, ransomware began to routinely exfiltrate data, exfiltrate authentication credentials (e.g., business, employee, and customer), threaten and extort employees and customers, spear phish trusting partners and customers, and publicly shame victims. I covered this in Chapter 1, “Introduction to Ransomware,” as “quintuple extortion.” In the years since, quintuple extortion has become ...