Ransomware has been a problem for businesses, individuals and organizations for years, but it has reached endemic proportions in the last couple of years. According to U.N. Findings, since the COVID-19 pandemic, email-based malicious attempts on organizations have risen by a whopping 600% or more.
And ransomware is costly. The largest single payout so far by any one organization was a staggering $40 million dollars paid by an insurance company to its attackers. Even by corporate budget standards, this is something nobody wants to lose. Average ransom demands are usually smaller, but nothing to sneeze at either. The average payout by companies and others are approximately $200,000 according to findings from the National Security Institute.
What is Ransomware?
Ransomware is a type of malicious software that can enter your network or data storage media through a number of different means and then encrypt your most important information. Once this is done, you no longer have access to the data without a private decryption key that the gang responsible for the attack will only give you if you pay them.
Often, ransomware is sophisticated enough that it quietly enters one part of your systems and then spends days or even weeks slowly encrypting data. It waits for opportunities to infiltrate your backup resources whenever they’re temporarily exposed. In this way, the attackers not only encrypt your local data at the point of their initial entry, but also any backup networks and data throughout your whole organization.
Once every sensitive item your organization owns has been encrypted, the hackers can demand payment and threaten to either destroy or resell your data if you don’t pay within a certain period of time.
The Rising Tide of Ransomware Attacks
Ransomware attacks are growing at an absolutely unprecedented rate today. Losses from these events have grown globally from “just” $325 million in 2015 to an overall expected cost of $21 billion for 2021. This is a nearly ten-fold increase in just a few short years. According to these same findings above, ransomware costs by the end of this decade are expected to expand beyond $250 billion for organizations, a further ten-fold increase.
Ransomware is just one of the many threats businesses face. What makes ransomware unique however is how directly and immediately it creates a cost for your organization.
What’s more, ransomware attacks are often perpetrated by attackers using highly-sophisticated tools and techniques that have been finely honed into several “families” of software by professional hacking groups for maximum effectiveness. Two of the most prolific and ambitious gangs in this dark business have recently been one group called REvil and another named DarkSide. These two alone have been responsible for as much as 30% of all attacks in the last year.
One of the most insidious things about ransomware is how effectively it works for those perpetrating it through the tactics they employ: According to findings, 96% of organizations hijacked by ransomware had their data completely decrypted after paying their attackers. What’s more, many organizations were able to negotiate their payment demands downwards and are also given “customer service” for setting up payment as quickly and smoothly as possible.
This combination of hard-to-stop attacks, urgent data retrieval needs, ease of response to demands and knowing that payment is the single quickest way to save data makes simply paying attackers into the most pragmatic choice.
Increased network patching and professional security might come afterward, but in the moment of being the unprepared victim of an effective attack, payment really is the most effective data retrieval response. This of course shouldn’t be the answer, and for your organization, an affordable ounce of prevention is vital.
How to Effectively Protect Your Organization Against Hijacking
One thing that makes fighting off ransomware attacks so difficult is the sheer number of different attack surfaces available to hackers. They use highly sophisticated software that can breach your data through email and backdoor attacks on poorly updated internal or backup and data storage software. However, they also can also use social engineering calls and phishing emails in which employees are tricked into handing over access to internal data networks.
In other words, even if your organization is aware of the dangers of ransomware, your security will only be as good as the weakest section of your protection. The hackers themselves need only one single entry point to make their encryption work.
With that said, you can take steps of your own to protect your data (including keeping multiple backups across multiple different platforms and hardware tools, and keeping them segmented from each other). This means only accessing them carefully, under controlled circumstances to update the data they store. Additionally, you can teach your employees about the importance of never downloading or opening anything from any email source that’s not trusted and verified.
Most importantly, you can hire a professional IT security firm to assess your security situation and formulate a high quality data backup and security plan that’s specific to your needs. Great Lakes Computer offers this through several tools that include endpoint security for preventing attack entries, data recovery solutions for your storage devices and security operations as a 24-hour service that monitors your whole organization for ransomware and other attacks before they even start.