What You Need to Know About Ransomware Attacks
Ransomware has quickly become the biggest threat to digital security in modern times. It’s not an exaggeration to call some attacks terrorist attacks like the ones targeting hospitals that lock up computer systems preventing doctors from doing their jobs. On a corporate level, Sophos, a cloud security company, estimates the average cost of a ransomware attack was $1.81 million in 2021. We’ll explore what makes ransomware attacks such a threat and how individuals and companies protect themselves.
What is a Ransomware Attack?
In simplest terms, a ransomware attack encrypts all the data on a computer making it unusable. The data is held ransom until payment is received, usually in bitcoin. Then the attacker can and usually will unlock the data.
Ransomware has become so common and profitable that it has spawned multiple industries. Many digital security companies now specialize in ransomware prevention and recovery. But, ransomware itself has become an industry. Malicious computer programmers create easy-to-use ransomware platforms that anyone can launch an attack from.
It’s important to note, most corporate victims are willing to pay the ransom. Large companies can lose thousands or even millions of dollars due to loss of productivity. They are okay with the short-term loss if that means they can make even more money. Additionally, even with digital security experts, recovering all the data lost for not paying the ransom is very low and can take a very long time to get back up and running.
Why are Ransomware Attacks So Dangerous?
At first glance, ransomware attacks may not seem like a huge issue for most individuals. Many people can afford to pay a few hundred dollars to get their computer back or maybe they don’t care about the data and will just reformat their computer and start over for free. But, there are many more people who are not as lucky.
Even if a victim pays the ransom to unlock their data, there is also no guarantee that the attackers will unlock the data. Many victims report that they paid the initial ransom only to be hit with additional payment demands. If there is sensitive information on your computer, the attackers can make a copy even if they unlock your data. Attackers can plant malware on a system even after they unlock your data. In short, you are not safe even if the ransom goes smoothly.
On a larger scale, ransomware attacks can cripple massive companies. Kia Motors, Bose, Accenture, Acer, Guess, The NBA, and many others have all been victims of ransomware attacks. Hitting such profitable targets encourages others to commit ransomware attacks making them more common. If we see a surge of ransomware attacks, groups may begin to attack smaller businesses and individuals en masse as larger targets beef up their security.
Infrastructure is especially vulnerable to ransomware attacks. One of the most high-profile attacks was on the Colonial Pipeline causing oil prices to skyrocket across the US. Reports indicate the hackers accidentally damaged the infrastructure causing further delays, but the damage could just as easily have been intentional. Schools and hospitals have also become a common target for attackers leading to leaked personal information and delay in medical care.
Why are They Everywhere Now?
Ransomware attacks are in the headlines now but the first recorded ransomware attack dates back to 1989. The AIDS Trojan AKA “PC Cyborg” was the first known ransomware attack and the malware was loaded onto floppy drives and distributed at an AIDS conference hosted by the WHO. As time went on, the attacks became more sophisticated and it led to the WannaCry attack in 2017. This is the biggest attack to date and caused over $4 billion in losses.
The WannaCry attack proved that ransomware attacks can be effective and profitable. Since then, ransomware attacks have increased by more than 2,000%. The primary driver behind the surge is ransomware software being made easily available. Anyone with the money and connections can buy a fully functioning ransomware software platform and launch attacks with minimal computer expertise. For criminals, it has become a business opportunity and dubious computer programmers can reap the rewards with minimal risk to themselves.
What can You do to Protect Yourself?
The best way to protect yourself from ransomware attacks is to be informed and stay vigilant. Most attackers gain access to your computer through phishing attacks. This means they’ll send fake emails or other communications pretending to be a legitimate associate and trick you into giving them control over your computer. Be wary of suspicious emails and do not give out personal information to anyone unless you can verify their identity and many times sensitive information is not needed anyway.
Another way an attacker can gain access to your system is by pretending to be you. They might call your company or someone who can legitimately access your system and ask to give them access. This is where having strong and unique passwords as well as two-factor authentication is important.
Less commonly, attackers can also gain access to your system by exploiting a weakness in your system. It could be through a browser, a program, the operating system, or even your router. Make sure to update everything as frequently as possible to prevent attackers from using known weaknesses.
Finally, if all else fails, keep a backup of your data. Make sure to regularly make copies of your important files and back them up on an external hard drive or in cloud storage. Make sure your external drive isn’t always connected to your computer to prevent the attackers from encrypting your backup as well. This way, if you are attacked, you can simply reformat your system but still have all your important data.
Hopefully, this will help you understand ransomware, the attackers, and ways to protect yourself from future attacks. Remember, vigilance and preparation are the keys to stopping a ransomware attack.
