Whether PowerLocker pioneers the next generation of ransomware or not, experts agree that a next generation of the malware with a broader base of perpetrators is inevitable. "If it isn't PowerLocker, someone else will put out a toolkit to do this," Cross noted. "Successful malware ends up becoming a toolkit. That's how the business functions today."
"It is inevitable that we will see a cryptographic ransomware toolkit," he added, "maybe even multiple toolkits because it's clear that there's a business opportunity here for criminals."
Moreover, that opportunity is likely to reach beyond the consumer realm and into the greener pastures of business. "Going after consumers is small fish," said Bruen, of the Digital Citizens Alliance. "The next step is to conduct ransom operations on major companies. This has already happened," he said.
"From an attacker's perspective, there's definitely a higher risk in getting caught because companies are going to throw more money at the problem than an ordinary consumer can," he continued, "but the payoff from one of these companies — a Target or a Nieman Marcus — will be much larger."
Current ransomware attacks involve encrypting select file types on a hard drive, but a business attack will likely choose a higher value target. "Cryptographic keys and digital certificates are ripe for ransom," Venafi's Bocek said.
"Whether it's taking out the key and certificate that secures all communications for a bank or the SSH keys that connect to cloud services for an online retailer, keys and certificates are a very attractive target," he observed.
"Criminals are ramping up their attacks on keys and certificates, and it's likely the purveyors of ransomware will do the same," he added.
Sign up for Computerworld eNewsletters.