Ransomware originated by targeting individuals, but as companies have begun to rely more on IT for all or most of their operations, they have become more lucrative targets. Companies have more cash on hand than individuals, plus their data is of a higher value. A survey among IT security professionals around the world revealed that malware and ransomware were their top security concerns in 2018.
What is ransomware?
Ransomware is malicious software that encrypts part or all of the data on your computers or servers. You can’t access the data without the encryption key, and that’s what the hacker will sell, or “ransom,” to you. Even if you pay the hacker, there is no guarantee that you will get your data back, so it can have a lasting impact on your business’ operations.
Ransomware is commonly delivered by a malicious link from a fraudulent email or message. The hacker will send an email that looks like it’s from a client, executive, or even a friend with either an attachment or link. Another infection method is by using pop-ups, they look helpful, and as the user clicks through them, they inadvertently download the ransomware.
Ransomware started back in 1989 in hospitals, and to this day, the healthcare industry is a prominent target for ransomware. The first attack was launched by an AIDS researcher, Joseph Popp, PhD. He distributed 20,000 floppy disks to other AIDS researchers around the world. They believed the disks had a programmed questionnaire that analyzed a person’s risk of contracting AIDS. The malware within the program lay dormant until users saw a pop-up that demanded $567 to use the computer. It was known as the AIDS Trojan or the PC Cyborg.
Ransomware was initially a very crude virus because hackers had to build the encryption code themselves. Over time, the ransomware software has become more sophisticated. Hackers can also just buy this more sophisticated software off the shelf. So a hacker without coding experience can use a ransomware-as-a-service program online and deploy malware to victims.
Ransomware attacks escalating
The ease with which to deploy ransomware has made it a lucrative operation for criminals. After using a targeting a considerable number of computers, only a few of the users have to pay for it to be profitable.
One of the most disruptive ransomware would be the WannaCry attack. It infected over 200 000 computers around the world and spread itself using unpatched Microsoft Windows systems. One of the most prominent victims was the UK’s NHS and resulted in losses of £98 million. The costs to fix the issue and to upgrade IT systems is estimated to have cost the world $4 billion.
The ransomware NotPetya spread itself through a compromised tax application. It infected computers in Ukraine and Europe. The virus reached Maersk and FedEx and is estimated to have cost the companies $300 million each. It is estimated that the attack cost $1.4 billion in total to fix.
Lloyd’s of London, ran its own scenario and concluded that the next global ransomware attack could be worse. Lloyd’s Bashe attack: Global infection by contagious malware report estimates that within 24 hours, 30 million devices could be infected, and the costs could reach $193 billion.
What can I do against ransomware?
One of the simplest things you can do is to keep your operating system and software updated. This closes any security holes that may have been found by the provider. Instill security protocols and train staff to build a good security culture in your business. Install anti-ransomware in every digital device like Carbon Black’s ransomware protection software to reduce malicious traffic in your network.
When you protect your data, you protect your business
Considering how much business relies on data and tech, the thought of them getting infected is a nightmare. To mitigate the high costs and damages that can result from a virus, you must ensure you have a well-trained organizational culture and use the right software tools.