Phishing has been on the rise in form or the other, ever since users have started to use emails, messages, phones, etc. Every other month, around 1.5 million new phishing sites are created by cyber-criminals and add to the growing cybercrime world. Several of these sites employ ransomware as a tactic in order to extort money from unsuspecting users who accidentally click on a fraudulent link in an email or text message sent to them.
Sometimes they fall prey of a dubious phone call, seemingly coming from a bank employee or tax department personnel. Ransomware is a form of malicious software developed to steal user credentials most of the times and encrypt user files, folders, etc. and ask for ransom often in the form of cryptocurrency. According to industry experts; it costs around $75 billion in combined losses to the market every year.
Although there are many disaster recovery plans in place which can be used by organizations to cope with the current crisis, surveys suggest that when faced with a ransomware attack, the majority of organizations opt to pay the adversaries off rather than counter the threat via other means available to them.
History of Ransomware
How historical trends show us that Ransomware attacks are often paid off. The late 1980s saw the advent of the “PC Cyborg” ransomware program which would encrypt all files in a user’s drive and would demand that they renew their license by paying off a specified amount.
Although initially, it did not pose much of a threat for tech-savvy people, the encryption technology used in the attacks advanced significantly over the next ten years and would lock users out of their systems indefinitely and demand ransom in exchange for the safe return of their essential data.
Around 2012, ransomware started being used along with social engineering tactics, which would panic users into paying the demanded ransom. Victims were locked out of their desktop and were shown a fake but official-looking page pretending to be from the FBI or Interpol. The Ransomware would then claim that the user had committed an illegal activity such as fraud.
They were directed by the site to pay a “fine” ranging from $100 to $3000. Victims were thus tricked into feeling guilty using social engineering tactics and usually paid the fine off. Over the last five years, the outbreaks have become even more dangerous.
With the recent on-going development in encryption techniques and the rise of cryptocurrency such as Bitcoin (which gives the hackers anonymity from being recognized), Ransomware programs such as Cryptolocker have used military-grade encryption, making receive encrypted data unviable for users without a valid decryption key. Thus it seemed to them that the best option remaining was to pay the ransom instead of waiting for a solution.
Ransomware Attacks On Businesses And Organizations
In the last half of 2018, it has been noticed that ransomware attacks are now increasingly targeted at enterprise systems, and the trend is shifting away from consumer system attacks. Cybercriminals are now targeting government agencies, top hospitals, and other commercial organizations to receive bigger pay-outs.
GandCrab ransomware has been behind the majority of ransomware attacks since early 2018. It holds about 40% of the ransomware market and has raked in somewhere around 300 million dollars. Its individual ransom demands average at around $600.
Uber, a technical giant recently paid off over $100,000 to keep hackers from revealing the personal data of around 57 million customers and drivers.
Recognized as among the best blackmail tactics of the digital era, it is nowadays a common belief that paying off such ransomware attacks is a more comfortable and cheaper solution than going through the complexities that corrective actions often require.
This is often because regulatory and disciplinary actions taken by governments and accusations levied on organizational leadership hamper the brand image of several companies. Due to the prevalence of such extensive data breaches, companies are now prepared with their Bitcoins wallets in order to streamline the process of paying an attacker. Experts also add that there is no defined statistical data available to find out the exact number and identities of commercial organizations which have paid off the attackers. Enterprises have made amends with the way things are in order to protect their reputations.
How Organizations And Individuals Can Avoid Future Ransomware Attacks?
Most un-affected enterprises operate under the assumption that they will not agree to the demands of the attackers. However, organizations which have been attacked in the past often pay off the ransom demanded due to the fear that their sensitive information might get compromised.
When organizations quietly pay off the ransom amount, it generally implies that they don’t want the public to know about breaches in their security. At times, such a situation can backfire at enterprises since once attackers are aware of their vulnerabilities, they can exploit the same vulnerability repeatedly.
To prevent your computer systems and networks from ransomware attacks, follow the steps mentioned below:
- Do not pay off the ransom as it does not guarantee your data back.
- Learn to identify the type of ransomware that you suspect is in your system and check if it is an encrypting, screen-locking, or fake ransomware.
- Report to authorities of any such attacks
- Be prepared and have an incident response plan in place.
- Send out regular communication to employees, warning about common scams and attacks to prevent exploits and ransomware
- Keep your antivirus, anti phishing software, operating system up to date and enable the pop-up blockers in your computer systems.
- Refrain from opening any attachments in an email or text message or on any website that may appear suspicious.
- Keep the regular data backup and recovery systems in place when needed
- Train and educate your employees in identifying and responding to ransomware attacks by raising the alarm straight away.
Prevention, as it is said, is often better than the cure.