The number of ransomware attacks has steadily risen over the last decade and now tops 1.7 million hits per day—that’s one attack every 19 seconds. With the right disaster recovery protection solution, though, you can recover from ransomware attacks in minutes and reduce the risk of data loss to just seconds. Or, avoid them completely.
But first, let’s gain a better understanding of what ransomware is and why it’s a constant threat.
What is ransomware?
The aim of ransomware is always the same—to extort money from victims in return for decrypting their data and files.
In recent years, organizations have witnessed the increasing trend of hackers using ransomware trojan horses such as WannaCry, which held hostage the files of 250,000 Microsoft Windows users across 150 countries in 2017, resulting in $4 billion in net losses. According to Cybersecurity Ventures, the global cost of damages inflicted by ransomware is predicted to exceed $265 billion by 2031.
Malicious software is designed to gain access to files and encrypt data by generating a private-public pair of keys. The data is impossible to decrypt without the private key, which is stored on the attacker’s server until the ransom is paid. Unfortunately, in many cases even after a company pays the ransom the attackers never provide the decryption key, leaving victims without their money or their files.
Recent advancements in encryption technologies coupled with the ease with which hackers can conceal their identities has resulted in an increase in the number of them adopting a ransomware strategy.
A brief history
The first largescale ransomware threats began in late 2013 with the emergence of what is probably the most well-known family of ransomware, CryptoLocker. In May 2014, as a result of a joint operation by law enforcement and security agencies, the CryptoLocker Trojan was shut down, but many imitations of it are still circulating, while at the same time other families of ransomware have since sprung up. The most prolific of these families are CTB-Locker, TorrentLocker and WannaCry, and more recently, MoveIt and LockBit. In 2023, organizations like the British Royal Mail service, Boeing and MGM Resorts were all victims of ransomware.
Why is ransomware such a big threat?
These attacks pose a considerable danger for several reasons:
- Clever and evasive techniques circumvent security software, resulting in the creation of “zero-day malware,” meaning the trojan will be unknown to security experts as a risk in any security software.
- Security experts consider encrypted data to be unrecoverable. Many victims report that the decryption key is not provided by the attacker, even if the ransom has been paid. Therefore, giving in to the hacker’s demands is pointless.
- Using the Tor network and virtual currencies such as Bitcoin, hackers are largely untraceable by security agencies.
- Attacks are directed mostly at users in affluent countries. The U.S. has been attacked more than 2.5 billion times since 2004, and in 2022 was the most targeted country in the world.
What are we likely to see in the year to come?
Unfortunately, ransomware continues to rise. Corvus reported that attacks increased 95 percent year over year from 2022 to 2023. And reports of attacks on organizations across the public sector, healthcare, transport and logistics, and financial services industries show how widespread these attacks have become.
Cybercriminals are also becoming more corporate focused as they know businesses rely on their critical systems to survive, and therefore are more likely to pay a significantly higher amount to have their data decrypted.
But your organization doesn’t have to be the next victim. Learn more about C Spire's Cybersecurity Solutions and avoid becoming another statistic.