In June 2019, IT Pro Today shared that consumer ransomware attacks are waning while enterprise ransomware attacks are increasing.
The article goes on to note that the rate of detections for businesses has risen from 2.8 million in the first quarter of 2018 to 9.5 million in the first quarter of 2019, for a nearly 340% increase. Data and network security professionals around the world are asking, “Why?”
What Is Ransomware?
Ransomware is a type of malware or cryptovirus typically carried out by some type of trojan horse. The computer virus appears to recipients or users as a legitimate file and tricks them into downloading it upon its arrival as an email attachment or link.
Simple ransomware locks the operating system in a way that many people with a certain degree of IT knowledge can reverse. However, hackers have been ramping up their malicious skills over the past few years, and ransomware attacks have become increasingly sophisticated, resulting in what is known as cryptoviral extortion.
In cases of cryptoviral extortion, the ransomware encrypts the victim’s files, making them completely inaccessible. The ransomware culprits then demand a payment to decrypt the files.
Ransomware criminals require that victims pay their ransom in bitcoin or other types of cryptocurrency to make tracing and prosecuting the perpetrators difficult.
Key Ransomware Attacks That Led the Way for Today’s Ransomware Cybercriminals
Ransomware first made its appearance in 2013, and the cyber attacks have been on the rise and evolving ever since.
The best-known ransomware attack is probably the WannaCry attack of mid-2017, which spread quickly around the world, shutting down hospitals and creating chaos.
“The real importance,” an expert from CSO Online says, “goes beyond the numbers and to the point that the virus was allowed to spread aggressively across devices on the network since user interaction is not necessary for further infection.”
Additional ransomware attacks of note include the following:
Why Are Enterprise Ransomware Attacks Increasing?
Though there are no concrete answers, two likely theories exist on why businesses have become the targets of increasingly more ransomware attacks.
Businesses Would Rather Pay the Ransom than Risk Losing Valuable Data
Even if businesses have cybersecurity measures in place, they are likely still wary of the risk of losing their valuable data, exposing customer or patient information, or damaging their brand due to any possible negatively perceived actions or repercussions.
Furthermore, since many anti-phishing tools fail to prevent ransomware attacks, cybercriminals see a nearly foolproof option in ransomware.
The Dark Web Allows Bad Actors to Offer Ransomware as a Service (RaaS)
Many up-and-coming threat actors, working through the Dark Web, now sell or rent RaaS to any hackers and cybercriminals looking to make a profit. This has turned ransomware into its own malicious industry, notes Solutions Review. These nefarious programs simplify ransomware attacks, making them straightforward and extremely effective, thwarting many enterprise cybersecurity experts.
How to Protect Your Company from Hijacking Malware
While it would be impossible to squelch the growing malicious ransomware industry, there are many things you can do to protect your company.
Invest in Endpoint Protection Platforms
Through these platforms, your digital perimeter can better deflect a large majority of ransomware attacks. Such programs inspect emails to seek out malicious files or payloads, prevent malicious encryption programs, and ferret out endpoint vulnerabilities.
Develop and Implement a Backup and Disaster Recovery Plan
Incorporating a backup and disaster recovery plan into your overall cybersecurity plan is important, regardless of the threat of ransomware. But when it comes to ransomware threats, implementing these risk assessment and management processes are particularly helpful.
If you are armed with multiple backups of your data in the cloud, offline and off-site, you can at minimum ensure that you always have access to your files, even if you experience a ransomware attack.
Provide Regular Ransomware Awareness and Prevention Training for Employees
Phishing attacks exploit negligence, ignorance, and the simple fact that workers often are busy or distracted while opening emails. Keeping all employees and users aware of the risks of ransomware attacks is an effective measure to combat this. Provide engaging and ongoing education to help users identify fake emails and other signs of phishing attacks.
Vigilance, Information and Preventive Action Are the Keys Ransomware Risk Management
There are no guarantees when it comes to ransomware attacks, but you and your team can certainly mitigate risks by staying informed, aware and proactive.
Get the latest cybersecurity news and insights delivered straight to your inbox. Sign up for ISACA SmartBrief on Cybsersecurity today, free.