It is difficult to talk about the future of ransomware openly without feeling guilty about giving cyber criminals ideas. But then again, they have been smart enough to develop all the ransomware capabilities so far on their own.

It is clear that we need to be more conscious about the security posture of the products we build. But economics, time to market, and other factors will likely continue to produce devices with sub-par security built in. Cyber actors, criminals, or nation-states, will continue to take advantage of the vulnerabilities, both known and unknown to us.

It then becomes common sense to look ahead and try to predict what the next frontier in the fight against ransomware will be. With a more focused investment in research and technology, security companies, as well as companies that produce various connected devices, will have a better chance of reducing the attack surface and developing successful countermeasures.

Let’s look at the future of ransomware from two different angles:

• The malware capabilities: What new capabilities are likely to spur the next waves of attacks to maximize infection?
• The victim's landscape: What kind of victims will ransomware go after next? Will it be the blind widespread attack that looks to maximize the number of victims? Or will it be a more targeted attack aimed at high-reward victims?

Answering these questions will be the key to gaining a head start on the cyber criminals. Otherwise, we will forever be stuck in a catch-up game.