My issue was resolved promptly.
If you own a business and your business uses technology, you are vulnerable to attacks from cybercriminals. One increasingly popular form of cyber attack is ransomware, a form of malicious software, also called malware, that encrypts your files and demands a ransom payment in exchange for the decryption key. Ransomware is spread through a variety of means, most typically through phishing emails or when a person visits an infected website. Ransomware is lucrative, costing businesses an estimated $20 billion by 2021.
There does not seem to be a pattern to the types of businesses that are targeted by cybercriminals. In other words, to the cybercriminal, any business with money is a potential target. One factor that criminals consider is whether a business can pay the ransom. A typical ransom payment averages between $2 and $5 million.
Traditionally, ransomware involved a widespread attack on multiple organizations. Recently, however, attacks have moved away from these types of attacks to more targeted attacks designed to take down an entire organization. These new types of ransomware attacks gain access to a system via VPNs and remote desktop applications by scanning the Web for vulnerabilities. Once the access points are located, cybercriminals return and use that compromise to deploy ransomware.
Newer types of ransomware attacks are more intentional and, in the end, more lucrative for the cybercriminal because they are ultimately able to gain access to and disable the entire organization. Businesses realize that if they don’t pay the ransom, they can’t operate. When businesses are forced to close, they lose valuable revenue.
Ransomware is also developing as a business. At first, cybercriminals and victims negotiated payment of a ransom over email. The more recent trend involves negotiation over a platform where demands and payment information can be seen by both the attacker and the victim. These so-called cybercriminal businesses are even hiring people to work for them and selling malware to others for use in crime. There are several well-known ransomware gangs, including Ragnar Locker. The FBI has issued warnings on other groups including LockerGoga, MegaCortex, Maze, Netwalker and ProLock ransomware.
According to one report by the insurance company Coalition, the number of ransomware attacks decreased in the first part of 2020 but the attacks were much more severe than past attacks. Coalition attributes the increase in the severity of attacks to the increasing number of employees that are working primarily from home or some other remote location. This number will settle around 20 to 30 percent in the near future.
Most businesses have insurance that offers protection against ransomware attacks. In the first nine months of 2020, one insurance company reported a 27% rise in insurance claims for cyberattacks and security incidents. However, it would be irresponsible for a business to rely on insurance as their sole means of protection against cybercriminals. Each business should have a solid plan that includes:
Cybercriminals are a real threat to a business. It is beneficial to constantly review and make changes to your security systems in order to stay ahead of the threat. For a free cybersecurity consultation, contact Outsource IT Solutions Group at (630) 701-3393.