Picture this: you’re working at your desk, just like any other normal weekday.
Your notification bell dings and suddenly there’s an email in your inbox that, though it looks somewhat suspicious, mentions a C-suite executive, client, or other internal information. It could be important, so you click the link or download the attached file.
Your screen goes black and a pop-up window appears, demanding money in exchange for your company data.
This situation may sound straight out of a 90’s cybercrime movie, but it happens every day. It’s called ransomware.
Ransomware is responsible for 23% of all cyberattacks on businesses (according to the 2021 IBM X-Force Threat Intelligence Index), making it the most popular form of cybercrime.
But how does ransomware affect your business and, more importantly, how can you prevent it from happening?
Here’s what you’ll learn in this post:
Let’s start by diving a little deeper into ransomware: what is it exactly?
In its simplest sense, ransomware is a form of malware used by cybercriminals that blocks a user from accessing their files, data, or system. The hacker will often threaten deletion, encrypt files, or block access altogether. Then, in exchange for a ransom payment (usually by credit card or cryptocurrency), the hacker is supposed to release the data back to the user or organization.
As you can guess, there’s no guarantee that a) the data will be returned at all, b) the data will be returned in the same state, or c) the data will not be copied by the hacker. It’s also possible that your system was attacked with other forms of malware (used for future attacks) during the first ransomware cyberattack.
The history of ransomware
Ransomware is nothing new in the world of cybersecurity.
Its earliest occurrence goes back to the late ’80s, when Joseph L. Popp (dubbed the “father of ransomware”) sent 20,000 infected disks to the WHO’s international AIDS conference. When users inserted the disks into their computers, file names were encrypted, and users had to pay $189 to regain access.
Why is ransomware so popular?
When important and sensitive data is held hostage, many organizations have no other choice than to pay. Rather than hacking a company’s bank account, cybercriminals have learned it’s much easier to simply hack into the (often less secure) internal system or data, hold it for ransom, and require payment.
Ransomware has also been growing rapidly since the COVID pandemic began and remote work increased. In fact, according to a report by VMware Carbon Black, ransomware attacks have increased by 148% since the start of the pandemic. What’s worse is ransom fees have also increased, according to the National Security Institute, going from an average of $5,000 in 2018 to $200,000 in 2020.
Ransomware can be catastrophic for businesses of all sizes; not only is valuable data lost, but business is effectively at a standstill. That means downtime and huge potential losses for victims.
But there are even more ways ransomware can affect your business:
Who’s at risk for a ransomware attack?
You may be thinking “those hackers are only after the big guys with a lot of cash.” You’re right, attackers are certainly after large organizations, but they’re also not picky about who pays them.
Larger companies certainly have more capital (and potentially more payout for cybercriminals), but that doesn’t mean small and medium-sized businesses are safe from ransomware.
In reality, smaller organizations are often more exposed: some have smaller security teams (such as universities), while others need prompt access to files (like medical facilities or law firms).
SMBs don’t feel like they’re a target for ransomware…and that’s exactly why they are. But most small businesses simply cannot afford to be the victims of cyberattacks.
It’s understandable if you’re concerned about ransomware for the first time. Stay tuned for our upcoming post on steps to prevent ransomware in your company. In the meantime, continue staying proactive about your cybersecurity by reading 8 Epic Cybersecurity Fails.