Cybercriminals are stepping up their ransomware attacks during this time of crisis. However, they’re not just hitting hospitals; they’re coming after everyone. With companies scrambling to adjust to remote working conditions, malicious actors are taking advantage of the situation. Attacks are “primarily via emails – often falsely claiming to contain information or advice regarding the coronavirus from a government agency, which encourages the recipient to click on an infected link or attachment.” And with phishing attempts up 667% since February, ransomware attacks show no sign of slowing down.
Ransomware Has Changed
Ransomware continues to make money, with high-earning attackers making up to $2 million per year, mid-level criminals making up to $900,000, and entry-level hackers making $42,000. The techniques continue to evolve and the price tags continue to climb.
Ransomware attacks used to merely encrypt data. Often, payment of the ransom resulted in a key that failed to work or left parts of the data or system broken. Times have changed. Now attackers extract data and will post it to the internet in the event of nonpayment. This kind of ransomware attack puts companies at risk of “the full ramifications of a data breach, which can include remediation costs, regulatory fines, customer notification, brand damage and loss of business.”
This means businesses need to do more than just have a good backup plan. Companies must know what data they are collecting, where it is being held, and keep it secure and encrypted.
Paying The Ransom Is Not Having a Plan
There are many reasons why a company may pay the ransom. Having insurance cover it is definitely tempting, but “both the number of ransomware attacks and the percentage of attacks that result in payment have increased every year since 2017.” One of the reasons for this is that criminals are getting paid. As long as they continue to find it profitable, they’ll continue to do it.
Last year, the US was hit by ransomware attacks resulting in a “potential cost in excess of $7.5 billion” with the average payout increasing “six times between 2018 and Q3 2019, bringing the average payment to $41,198.”
“Unlike the increases in reported ransomware attacks in 2018 and 2017, which were 20% and 9% respectively, last year’s reported incidents skyrocketed,” to 131% according to Beazley. In addition to the jump in overall attacks, ransom demands have also surged. The amounts demanded have increased exponentially, “with seven or eight figure demands not being unusual.” This is due to attackers' past success in getting victims to pay the ransoms.
As a point of reference, “In 2019, 56 percent of organizations were compromised by ransomware. In the three months since 2020 began, that number is already 62 percent.” And the cybersecurity insurance companies are having second thoughts.
Michael Palotav, chief underwriting officer for Tokio Marine HCC’s Cyber & Professional Lines Group, says that ransomware attacks are hitting “small business, middle-market and large accounts” in such a way that it “has resulted in a significant deterioration or elimination of underwriting profit for many markets,” making current insurance rates “frankly unsustainable.”
Your Business Is Not Immune — So How Do You Prevent or Mitigate Attacks?
No business or industry is safe from attack. All businesses, no matter the size, are at risk. Ransomware is designed to spread as fast as possible. Once inside the network, it will look for other easy places to reach. Any exposed system will be breached. If employees are not trained or aware of protocols, an attack has a greater chance of spreading through your entire business.
Steve Piper, Founder and CEO of CyberEdge Group, advised companies to “invest wisely in products that continuously discover and patch vulnerabilities, uncover advanced threats using machine learning and artificial intelligence, and continuously back up their data everywhere” as well as “invest more in their people, including training and certification for IT security personnel and ongoing security awareness training for all employees. Never underestimate the value of the human firewall.”
Quick Review of Steps
• Discover and Patch Vulnerabilities — this includes VPNs.
• Train Employees — any system is only as strong as the weakest link.
• Work with Dedicated and Trusted Security Consultants. These advisers will be able to design and implement a cybersecurity plan that reduces your exposure and recommend appropriate security solutions for your needs and budget.
• Keep Sensitive Data Highly Protected and Encrypted to reduce its risk of exposure and loss.
• Have a Disaster Recovery (Backup) Plan. In addition to a local backup, this should include one located in the cloud where hackers are less likely to also get access to it.
• Do Not Pay The Ransom. Choose to prepare instead of paying criminals and fueling future attacks.