Ransomware, which first popped up in 1989, has since evolved and is more prevalent today than ever before. To put it simply, ransomware is malware that employs encryption to lock users out of their device, and/or blocks access to crucial data. A sum of money is then demanded in return for access to the information, AKA ransom. The most notable effects of falling prey to ransomware almost always bear major financial consequences, and can include downtime, data loss, or even intellectual property theft.
Ransomware on the Rise.
Ransomware and their variants are rapidly evolving. It is reported that ransomware grew a staggering 118% in the first quarter of 2019. Based on volume, the top three ransomware families that were most active in Q1 were Dharma, GandCrab, and Ryuk.
Many variations of ransomware exist. We often see ransomware and other malware being distributed via email spam or through targeted attacks. But in Q1 of 2019, an increasing number of attacks are gaining access to companies that have open or exposed remote access points, such as RDP (Remote Desktop Protocol) and VNC (Virtual Network Computing). RDP credentials can be brute-force hacked, obtained from something as simple as password leaks, or even bought in “underground” illegal markets. To note, Dharma was using the RDP attack method, while GandCrab and Ryuk used mostly spear-phishing to conduct their… business.
The Impact Today
Earlier in 2019, cybercriminals targeted the city of Riviera Beach, Florida. After ransomware attacks lead to major disruptions in municipal services, city leaders complied with the demand of 65 bitcoin (worth over $600,000) in exchange for the decryption key. Although it’s not often suggested, we’ve seen several victims give in to cybercriminal extortion, often paying the ransom demand of hundreds or thousands of dollars in order to restore their systems.
Though it may seem like a worthwhile “investment” to return your business back to working order, you’re still placing your trust in a criminal. There is never a guarantee that you will receive a decryption key, and you could be out a large sum of money on top of your lost or stolen data.
Defending Against Ransomware
It’s hugely important to develop a proactive disaster recovery plan to increase your chances of withstanding any and all ransomware attacks. To help steer clear of ransomware, below are a few tips to follow:
- Defense – Robust and comprehensive security solutions can protect you from known threats as well as those that have not yet been detected. Always downloading the latest version of your operating system and its security suite can help you stay ahead of threats.
- Back up your data – Frequently back up your essential data, ideally storing it both locally and on the cloud. Multiple back-ups are key to never becoming a victim of data loss.
- Stay informed – There are many online resources to that aim to provide prevention education when it comes to cyberthreats, especially ransomware. The playing field is changing every day, so making sure you’re always in the know when it comes to cybersecurity is an invaluable tool for your defense.