Ransomware Attacks

Arthur 11 Oct, 2022 1261 Views
1 Star2 Stars3 Stars4 Stars5 Stars (3 votes, average: 5.00 out of 5)
LoadingLoading...

Malware has come into a new age with attacks on computer systems increasing rapidly. What is Ransomware? It is a form of malicious software that targets your computer limiting access until you pay a ransom. In the last few months, hackers have actively resumed ransomware attacks.

Simply put, hackers are hindering people from accessing their networks and asking for huge payments to regain access. The hackers have managed to cripple government networks. The New York Times ran a report on February 9th about a maritime cargo facility shutting down temporarily.

Small businesses were crippled and hospitals were forced to turn away patients. These events were blamed on ransomware in which entire computer networks shut down. The hackers then demanded colossal amounts of money to have them running again.

How often do these attacks take place? This may not be known since lots of victims choose to pay the ransom without informing the authorities. However, ransomware attacks show a sharp increase in cybercrime.

History Of Recent Ransomware Attacks

Ransomware is not new. Hackers have been demanding ransom money for access to computer systems for years. The first ransomware happened in 1991. It was called PC Cyborg and was spread by a biologist. The biologist sent floppy disks to fellow biologists researching AIDS.

The first ransomware to use encryption was Archiveus which rolled around in the mid-’00s. Luckily, this one was defeated a while ago. Its password is even available to the public on Wikipedia.

‘Police’ ransomware packages came about in the 2010s. They were given the moniker ‘police’ because they were ostensibly warnings from the police about illicit activities by victims. Their ransom demand came in the guise of fines.

They were able to capitalize on the recently introduced anonymous payment services and got away with it. Then the new trend of using cryptocurrencies to pay ransoms emerged. Cybercriminals were impartial to this method because it was untraceable and completely anonymous.

Most of the hackers preferred to be paid in bitcoin before it rose in value and popularity. They moved on to other currencies as a result.

The Mid 2010s, saw ransomware virus rising rapidly to the point where they were deemed a catastrophic. However, they seemed to fizzle out in favor of cryptojacking by 2018. Cryptojackers were so sneaky that their victims were barely aware of their actions.

Recent Ransomware Attacks

Ransomware attacks are not about to be history anytime soon. At least that is what recent data indicates. What with more hackers threatening to expose sensitive data from their victims? If the victims refuse to or cannot meet the hackers’ demands, then their data may be used for nefarious purposes.

Also, they threaten to use the data in future spam attacks if their demands go unmet. The new ploy is known as ‘double extortion’. It reared its ugly head in late 2019 but several cybercriminals have taken a shine to it in 2022.

Hackers push their victims to the brink by posting sensitive data to affirm their threats. This is bound to be calamitous and victims may be forced to either pay up or close down.

Ransomware target big and small businesses alike. In ransomware in 2022 news, a cargo transfer facility was forced to shut down for over thirty hours. They gained control of the company’s industrial control systems. They also had in their power files that were essential to their process operations.

At least three-quarters of ransomware end up in data being encrypted. In the last year alone, 51% of businesses were affected by ransomware. Most of these attacks resulted in data being encrypted. At least 26% of the victims paid a ransom to get their data back.

26% of victims whose data was encrypted got their data back by paying the ransom. A few of those who paid the ransom did not get their data back. However, 95% of businesses that paid the ransom got back their information.

Also, most of the organizations got back data that was encrypted. Many got their information back through alternative options such as backup rather than paying the ransom.

A further 1% paid the ransom but didn’t get their data back. Overall, 95% of organizations that paid the ransom had their data restored. When you pay the ransom, you multiply the cost of enduring a ransomware virus attack.

There are various factors to be considered concerning the costs of a ransomware. These include lost opportunities, downtime, device, and network costs. Add the cost of the ransom and the expenditure goes through the roof.

Ultimately, an organization that refuses to pay the ransom may run up costs amounting to US$732,520. On the other hand, those that pay the ransom will double their costs to about SS$1,448,458.

The private sector is more likely to be targeted by ransomware than the public sector. The numbers run at 45% of public sector organizations hit by ransomware to 60% of private-sector ones.

That is in the last year alone. The organizations hit include the entertainment and leisure industries as well as the media. Moreover, many of the successful ransomware viruses include data saved in the cloud.

A weak link in many of the organizations is found in their cybersecurity insurance. While many have cybersecurity insurance, only a few have invested in ransomware insurance covers. The advantage of this insurance cover is that it pays the ransom should your business be affected.

Organizations that have a ransomware cover are highly likely to have the ransom paid by their insurance company.

Top 5 Latest Ransomware Attacks

Every month of the year, several ransomware spreads. Ransomware statistics indicate that over 70 reported cases by the end of May. The records may hit the hundreds by the time the year ends.

  • Travelex
  • Redcar Council
  • CPI – California
  • Energias de Portugal (ADP)
  • In Sports Head Office

Travelex: The attack on Travelex on New Year’s Eve compromised the company’s websites in over 30 countries. This resulted in utter disarray for foreign exchange transactions in the first month of the year. The hackers allegedly demanded a $6 million ransom.

Redcar Council: An attack on England’s Redcar Council had employees resorting to the traditional pen and paper. A ransomware attack on the company rendered 35,000 United Kingdom residents unable to access public services online.

CPI – California: The defense contractor was forced offline by a ransomware. The company had to part with approximately $500,000 in the January attack. By March, they had not yet resumed operations.

Energias de Portugal (ADP): Cybercriminals attacked the huge Portuguese energy company in April. The criminal demanded a hefty €9.9 million!

In Sports Head Office: In New South Wales, In Sports Head Office was dealt a heavy blow by a cybercriminal. They were not able to confirm what data was compromised. However, they confirmed that REvil/Sodinokibi ransomware was used in this attack.

How To Prevent Ransomware?

Several industries, including finance and healthcare, have been ravaged by ransomware. Consequently, many businesses have invested in ransomware prevention and response. No company big or small is immune to attacks from cybercriminals.

Ransomware virus attacks on government systems have led to complete shutdowns of IT systems. Many organizations opt to pay the ransoms to resume operations as soon as their data is restored.

The impact of a ransomware can be devastating as it may result in the loss of crucial data. Here are some examples of ransomware viruses attacks and their consequences:

Crypto Ransomware: It prowls through your computer or network in search of specific data that is important to you. It then collects data such as images and PDFs as well as texts. If you fail to comply with their ransom demands, your data is gone forever.

Locker Ransomware: This one locks your entire system and hinders you from logging in.

Scareware: It limits your access to the data as well as the system. The only difference between this and locker ransomware is its ransom methodology.

Doxware: This one threatens to expose sensitive information such as personal identification and financial information on the internet. You are required to pay a ransom to prevent this.

There are lots of anti-virus products to choose from to protect your data. Investing in a good one is crucial for any organization. Here are some preventive measures you can take to protect your data.

Identify Ransomware Behavior: Organizations can identify ransomware behavior by installing ransomware protection software. Ransomware can be traced because they have observable patterns. Once these are detected, they can be blocked.

One way is to develop a snare such as files that seem real to them. The cybercriminal is triggered and will most likely come after the bait. However, this measure only works to reveal the hackers’ scheme.

Backing Your Systems Up: A system backup saves you a lot of grief if your data should you lose your data or get hacked. Have it backed up both on the cloud as well as locally. It is a convenient way of ensuring you’re your sensitive data does not fall into the hands of cybercriminals.

Should a ransomware virus hit your system, the backups allow you to clean up the affected system. Then you can repair it with your updated backup data. Backing your data up in the cloud offers further protection.

Restricting Access to Your Data: This is done through network segregation and is important for all kinds of cyber threats. When access to data is restricted, even cybercriminals are not able to get to it easily. Segregating network safeguards data in the event of a ransomware virus attack.

Anti-Malware/ Anti-Ransomware Software: The anti-virus in place may not have all the necessary features to catch and remove ransomware. The best security software is threefold. It contains anti-virus, anti-malware, and anti-ransomware protection. These must be routinely updated and reviewed.

Disable Vulnerable Plug-ins: Plug-ins such as flash offer an easy pathway for hackers to corrupt your system. They can use them to launch an attack and infect your system. This renders all your data vulnerable and it can be used to extort funds from you. Updating your plug-ins regularly is crucial to prevent your system from virus attacks.

File Extensions: All documents should include relevant viewable file extensions from trusted sources. It is necessary to protect the system from downloading inconsequential documents that may be coming in from suspicious sources.

Ransomware Awareness in the Workplace: Human error is to blame for most ransomware virus attacks. The solution is to ensure the employees are aware and sufficiently trained to prevent and handle it. Workers must be aware of the many hacking techniques that exist.

They should know not to click on unknown links or checking out malicious content as the ramifications could be dire. All links and attachments should be verified before they are opened and the source carefully analyzed.

Also, ransomware virus attacks can take a variety of forms. Phishing is simply one among many. Employees who work remotely must use open or public Wi-Fis. Hackers can easily access these and attack your system.

Create Strong Passwords: Weak passwords are very easy to break. Avoid using easily accessible information such as your birthday to create passwords. Also, using the same password to access all your accounts allows hackers to access your system.

Ultimately, do not use information that is readily available to create your passwords. Some passwords are made up of information that can be easily accessed via the victim’s social platforms. These are weak and will take no time for even a rookie hacker to figure out.

Hence, companies and institutions should uphold a strong passwords policy to deter any cybercriminals trying to get in.

Reject Attachments and Emails from Unknown Sources: A large number of ransomware viruses access computer systems via email. When you download malicious content, you may corrupt your entire system and allow the cyber crooks in.

Conclusion

Ransomware attacks have left companies and institutions reeling in the wake of the devastation caused. Companies must invest in security software that will deter cybercriminals from accessing sensitive data.

Also, training the workforce to detect and prevent these attacks is crucial. Additionally, businesses must always keep their data backed up locally as well as in the cloud.

As the malware continues to evolve, so does the software to detect and eliminate it. Companies must always remain one or more steps ahead of hackers to keep their computer systems safe.

See Also:

EDR

Best Endpoint Detection & Response