Just five years ago, cybersecurity experts were warning that the threat from cyber extortion was poised to grow as criminals increasingly looked to profit from the use of ransomware. Hackers have since perfected their ability to infiltrate computer systems and encrypt everything until the owner pays a ransom to regain control.
In 2016, the majority of ransoms paid were $500 or less. We now regularly see ransom payments that are more than 10,000 times that level. Palo Alto Networks consultants have seen average payments increase to more than $500,000. We’ve even seen some payments above $10 million.
No, it’s not a movie plot. Over time, hackers realized they can make more money targeting large organizations, and they’re reaping the profits. Moreover, these hackers have learned that encrypting data allows them to disable critical computer systems, thus enabling them to cripple 911 dispatch centers, halt the flow of gas pipelines and shut down hospital emergency rooms.
Ransomware presents a massive risk to national security and the operations of large organizations. While the headlines focus on attacks against large corporations and governments, small businesses are also regularly victimized by cyber extortion. And such attacks can be devastating to small organizations that lack the knowledge, staff and financial resources to withstand a major cyberattack.
With organizations moving to a hybrid work model, it’s become even more important to educate employees on the dangers of ransomware. With a mix of office and remote workers, including a mix of work and home devices on company networks, it’s becoming easier for hackers to identify security weaknesses.
Ransomware is primarily spread through phishing emails that contain malicious attachments. Disguised as legitimate communication, the fraudulent email tricks the recipient into responding by enticing them to click a link, open an attachment or directly provide sensitive information.
Phishing emails have become one of the most prevalent methods of ransomware because they’re simple to deploy. Adding to the ease of deployment is the availability of low-cost phishing kits that include website development software, coding, spamming software and content that can be utilized by hackers to create convincing websites and emails.
Hackers like to take advantage of software vulnerabilities to spread ransomware. Software vulnerabilities are weaknesses in a software program.
A software patch helps to solve this problem by addressing security vulnerabilities in a software program, so a hacker is unable to exploit them. Most of the time, software patches will be issued automatically by a vendor, so take advantage of them. Other times, you will need to install a software patch manually; make sure to check whether you have the latest patches. If you don’t, go directly to the vendor’s website and install them.
If you’re the victim of a ransomware attack, don’t panic. Check whether you have backed up your files. If you have, restore from your latest backup. This is the fastest way to get your files back. If you haven’t backed up your files, then you may need to consider your files lost.
The most common question we get with ransomware attacks is: “Should you pay the ransom?” Unfortunately, there’s not a one-size-fits-all scenario. All victims of ransomware attacks are left with difficult decisions. Seek the advice of a professional who can help you determine what to do.
What we advise is to prepare for a ransomware attack. There are security tools and technologies available that can help prevent a ransomware attack and protect you from making that difficult decision.
For more tips on digital home safety, see “Cybersecurity Tips From Unit 42 for the 2020 Holiday Shopping Season” and “Cybersecurity Tips from Unit 42 for the Household CIO of 2020.”
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.