While there are myriad online threats to businesses, organizations and governments, ransomware is by many metrics the worst right now. Other kinds of attack can have personal fallout, but for destructive impact on its targets ransomware is dominant, and for that reason one of the most lucrative for the attackers that deploy it.
Reported ransomware attacks on businesses jumped by over 365 percent in 2019, and increased 50 percent in the third quarter of 2020 compared to the first half of the year.
No one sector seems to be safe from ransomware: large cities including as Baltimore, Atlanta, Akron, Hartford, and New Orleans have faced major disruptions in recent years as well as major companies, a long list of them having suffered outages and extinction-level losses of data. Even cybersecurity companies have been successfully targeted and compromised.
The threat posed by ransomware, and its effectiveness, owes much to its variability. There are several variants and strains, each of which can be used to exploit specific vulnerabilities in a wide array of systems. There is even ransomware tailored to target specific industries. Some ransomware strains are designed to propagate rapidly via wi-fi and print networks, others target and encrypt data backups. Many of the more prominent forms of ransomware are actually updated and retooled all the time to allow hackers to avoid detection.
“While the sophistication and methods of attack may vary, the short answer is that ransomware is a type of malware that encrypts critical data on a computer or computer network so that users can’t regain access without paying a ‘ransom.’ The payment is typically demanded in bitcoin, because it’s difficult to trace and easily transferable,” says CyberScout founder and chairman Adam Levin.
Adding to the complexity of dealing with ransomware is the controversy about what to do if you get hit--specifically, whether or not ransoms should be paid. Baltimore mayor Bernard C. Jack Young faced heavy criticism from his constituents for the $18 million in damage caused by a 2019 ransomware attack when he could have paid an $80,000 ransom.
It can work out. The city of West Haven, Connecticut got hit with ransomware and opted to pay $2000 to the hackers; they quickly found their systems restored.
Other ransomware victims haven’t been as lucky. One study found that of the 45 percent of US companies hit with ransomware attacks, only 26 percent had their data unlocked.
“The safest bet is to prevent these attacks in the first place. But there have been informative examples of companies that mitigated the damage from a ransomware attack. Your Cliffs Notes version: Put yourself in a position where you can’t be affected ransomware,” says Levin.
There are a few attitudes to take--all of them helpful. The first is to focus on prevention, which involves minimizing your company’s attackable surface and understanding how ransomware work and how the hacking groups who develop them operate.