The number of ransomware attacks is steadily on the rise, increasing 300 percent year over year. Have you considered how ransomware would affect your company? What if you didn’t have to? With the right disaster recovery protection solution, you can recover from ransomware attacks in minutes and reduce the risk of data loss to just seconds. But first, let’s gain a better understanding of what ransomware is, and why it’s a growing threat.
What is ransomware?
In the last few years, more organizations have witnessed the increasing trend of hackers attempting to extort money via the proliferation of various Ransomware Trojans such as WannaCry. In fact, according to Cybersecurity Ventures, the global cost of ransomware is predicted to reach $11.5 billion in 2019.
Malicious software is designed to gain access to files and encrypt data by generating a private-public pair of keys.
The data is impossible to decrypt without the private key which is stored on the attacker’s server until the ransom is paid. Unfortunately, in many cases even after a company pays the ransom the attackers never provide the decryption key leaving victims without their money or their files.
Recent advancements in encryption technologies coupled with the ease with which hackers can conceal their identities has resulted in an increase in the number of them adopting a ransomware strategy.
Ransomware — The story so far
The first largescale ransomware threats began in late 2013 with the emergence of what is probably the most well-known family of ransomware, CryptoLocker. In May 2014, as a result of a joint operation by law enforcement and security agencies the CryptoLocker Trojan was shut down, thanks largely to the disruption of distribution over the GameOver Zeus network used by hackers.
Although the original CryptoLocker Trojan has been shut down, many imitations of it are still circulating, while at the same time other families of Ransomware have since sprung up. The most prolific of these families are CTB- Locker, TorrentLocker, WannaCry and more recently, MegaCortex. Regardless of the name, their aim is the same – extort money from victims in return for decrypting their data and files.
Why is ransomware such a big threat?
These attacks pose a considerable danger for several reasons:
- Clever and evasive techniques circumvent security software, resulting in the creation of “Zero-Day Malware”, meaning the Trojan will be unknown to security experts as a risk in any security software.
- Security experts consider encrypted data to be unrecoverable. Many victims report that the decryption key is not provided by the attacker, even if the ransom has been paid. Therefore, giving in to the hacker’s demands is pointless.
- Using the Tor network and virtual currencies such as Bitcoin, hackers are largely untraceable by security agencies.
- Attacks are directed mostly at users in more affluent countries. According to MalwareBytes 47% of attacks in the first quarter of 2019 occurred in the US.
- Specific to businesses, in mid-2019, eCh0raix started appearing. This specifically targets mass-storage and network attached storage (NAS) disks. This trend of targeting “high-value” victims already has and is likely to continue increasing.
What are we likely to see in the year to come?
Unfortunately, Ransomware is on a steady rise. With over 850 million ransomware infections detected in 2018, recent studies show that attacks are increasing more than 300% year over year.
Numerous articles in the global news report organizations across the public sector, healthcare, transport and logistics, and financial services industries among others, are all suffering from increased ransomware attacks.
Use of the Tor Network has also enabled cybercriminals to begin offering Ransomware-as-a-Service (RaaS) models, meaning less experienced cybercriminals can leverage these attacks as well.
Cybercriminals are also becoming more corporate focused as they know that businesses rely on their critical systems to survive and therefore are more likely to pay a significantly higher amount to have their data decrypted.
Webinar: The Growing Threat of Ransomware
Join a webinar discussion with disaster recovery experts from C Spire Business and Zerto. Business leaders will learn valuable information on how to defend their organizations and much more.
When: 10 a.m. on Wednesday, March 4