Ransomware Becomes Biggest Cyber Threat Facing Businesses
March 5, 2018
Ransomware is turning out to be the biggest cyber threat facing companies in 2017 after attacks more than quadrupled in 2016 from the year prior, according to a new study.
If you are not familiar with this fast-evolving cyber threat, typically the perpetrators will essentially lock down your database and/or computer system and make it unusable, then demand that you pay a ransom to unlock the system.
The "Beazley Breach Insights Report January 2017" highlights a massive and sustained increase in ransomware attacks.
Another report, the "2017 SonicWall Annual Threat Report," found that cyber criminals are shifting their attention from malware and other types of threat to ransomware - as evidenced by a significant decline in the former types of attack and a dramatic increase in the latter.
Here's what SonicWall saw in 2016:
- Unique malware attacks fell to 60 million from 64 million in 2015, down 6.25%.
- Total malware attack attempts fell to 7.87 billion from 8.2 billion, down 4%.
- Ransomware attacks exploded to 638 million attempts in 2016 from 3.8 million in 2015, up a massive 166 times!
SonicWall's report estimates that around $209 million in ransoms was paid in the first quarter of 2016 alone.
"It would be inaccurate to say the threat landscape either diminished or expanded in 2016 - rather, it appears to have evolved and shifted," said Bill Conner, president and CEO of SonicWall. "Cybersecurity is not a battle of attrition; it's an arms race, and both sides are proving exceptionally capable and innovative."
The unprecedented growth of ransomware was likely driven as well by easier access in the underground market, the low cost of conducting a ransomware attack, the ease of distributing it and the low risk of being caught or punished.
Ransomware is also growing in both sophistication and type of attack, and the hackers are proving to be inventive in how they can cripple your business enough to elicit the ransom.
When you are most vulnerable
And there are some times that businesses are more susceptible than others in being targeted for an attack.
"Organizations appear to be particularly vulnerable to attacks during IT system freezes, at the end of financial quarters and during busy shopping periods," the report states. "Evolving ransomware variants enable hackers to methodically investigate a company's system, selectively lock the most critical files, and demand higher ransoms to get the more valuable files unencrypted."
Ransomware enters a company's system in a variety of ways.
The most common method is when an employee clicks on a link in a bogus e-mail that opens the door to malicious code to start rifling through your systems. But more often, an employee unintentionally clicks on a link or sends information.
The types of attack will vary from industry to industry.
How Ransomware Infiltrates
- Hack or malware: 40%
- Insider: 7%
- Unintended disclosure 28%
- Physical loss: 6%
- Portable device: 6%
- Other/unknown: 9%
* Source: Beazley Plc (numbers for financial services industry)
- Hollywood Presbyterian Medical Center in Los Angeles paid $17,000 in bitcoin to regain access to its data in February 2016.
- Lansing Board of Water & Light paid ransomware attackers $25,000 after they had paralyzed the company's information system in April 2016.
- A four-star hotel in the Austrian Alps paid 1,500 euros (about $1,600) in bitcoin after ransomware had locked up the computer running the hotel's electronic key lock system, leaving guests unable to enter their rooms.