It seems like there’s a massive ransomware attack that breaks on the news this week. Each week another company — often one with plenty of resources and power — falls victim to the never-ending onslaught of cyber attacks in the industry. But it wasn’t always like this. Let’s talk about the growth and rise of ransomware in the information security industry.
We know that ransomware lives everywhere in today’s security ecosystem. But what we don’t know is how we got to this point … Why has ransomware become such a popular tactic for adversaries to use? What makes ransomware more effective than other organization-breaking tactics? And what is ransomware, anyways?
For those who may be unaware, let’s start out this post by defining ransomware, and then we’ll move on to more complex discussions.
Ransomware is a form of malware that threatens to publish the attack victim’s information or block access to said information if a ransom is not paid. Simple ransomware simply blocks users from accessing or using data. This type is a minor inconvenience for victims but is something easily reversible for even the newest cybersecurity professionals. However, more complex ransomware is able to employ a tactic called crypto-viral extortion. Crypto-viral extortion encrypts the victim’s files, often making them completely inaccessible. The attacks then demand a ransom in exchange for the decryption of the files.
After successfully exploiting an individual or organization’s vulnerability and retrieving precious data, the attackers usually detail instructions for the victim on how to pay to get their information back (hence the word “ransom”). Attackers commonly use currency apps like Bitcoin or Ukash because they’re untraceable, making the attacker’s identity harder to pinpoint.
According to ZDNet, There’s been a huge increase in the number of ransomware attacks over the course of 2020, with a seven-fold rise in campaigns compared with just last year alone, according to newly released data from cybersecurity researchers.
Ransomware is not a new concept. Even before the age of computers and the rise of the Internet, bad actors were obtaining inside information and valuable “crown jewels” from organizations and holding them hostage in order to see a pay day. However, in recent years ransomware has seen a growth in both sophistication and overall effectiveness. The development of effective ransomware tactics has given bad actors the confidence to seek out “bigger fish.” All of these factors signal an enormous problem for the organizations that hold valuable assets and important trade secrets.
Simply put, viruses, ransomware attacks, and the overarching idea of information theft have always been a nuisance. But the dramatic increase in the danger level of these attacks and a large focus on using these attacks for financial gain has forced the hand of cybersecurity pros. As a result, both security teams and cyber criminals are throwing more resources towards each of their goals: defend and attack. But who wins out?
While many on the defensive side are successful in their efforts, it’s the successful adversaries breaking defenses — like this huge one, or that one, or even this one — that secure the headlines and garner national press.
While most ransomware defense methods are not 100 percent effective, they provide an additional hurdle against even the most complex ransomware attacks. Having a plan for defensive action is vital to prevent a costly ransomware infection. The tips below are a good set of general security practices. Implementing and following these tips will maximize your security against all sorts of ransomware attacks:
While prevention is important, detection and remediation are just as vital. If your organization is hit by a ransomware attack, it’s important to answer these questions:
The truth is, we don’t know your organization and the impact that a successful ransomware attack has on your company. But we do know the right questions to ask and the right information to gather in order to make an informed decision about what to do next.
Nobody wants to think about the idea of your organization falling victim to a ransomware attack. But it’s important — especially with the exponential rise of ransomware — to be prepared and ready to proactively neutralize the threat and deal with the consequences of the breach. By taking the time to assess the damage and get an accurate sense of the situation, you’re set up to make an informed and evidence-based decision.