Site icon Infused Innovations

Why Ransomware Is Still a Problem

Why Ransomware Is Still a Problem 1
Graphic shows how ransomware is still a problem and the process of a ransomware attack.


There’s a misconception out there that ransomware is declining and becoming a threat of the past. This assumption can be dangerous, though, because it’s not accurate—as our own interns have learned. Ransomware attacks did decline over the course of 2018, but that lull didn’t end up being a continuous trend. Increased ransomware attacks and their severity in 2019 suggest that we should be more concerned than ever. Coveware’s report from quarter 4 of 2019 shows that the average ransomware payment more than doubled that in quarter 3. McAfee says that it has increased 56% over the past four quarters, and Comparitech predicts that this problem will continue to increase at “an incredible pace.” RSA Security also predicts that future ransomware attacks will disable account access in addition to data and files. It looks like ransomware is now cybercriminals’ most preferred method, and it’s not going away anytime soon.

How ransomware works

As with pre-cyber traditional ransom, a perpetrator holds stolen valuables hostage until a payment is made to retrieve them. Hackers can take over data, a website, or an entire computer system and demand payment to get access back. They encrypt the data or system, allowing decryption only with the ransom payment (which, by the way, is just about always transacted in Bitcoin). This payment can be a nominal amount across a wide group of people or a very large sum from a big corporation, government agency, or even a city. (Hackers demanded $76,000 in Bitcoin when they attacked Baltimore last year. The city refused to pay it and was able to fix its own computer systems–but that took a lot of time, inconvenience, and a much higher net cost in the end.)

The evolution of ransomware

Originally, ransomware’s goal was quantity. Attackers targeted large numbers of computers through spam emails and malicious URLs that hosted exploit kits. But cybercriminals have increasingly taken a different approach more recently. In 2019, many attackers seem to have been more interested in finding good, high-value targets and spreading laterally through those networks rather than over the internet. Once penetrated into one of these high-value systems, the attacker then aims to hit as many endpoints as possible to make that victim’s attack devastating. Then, the perpetrator demands a higher ransom than in the broader attacks of the past. Coveware puts the average payment in quarter 4 of 2019 at $84,116–with ransoms as high as $780,000 (in the Ryuk ransomware variant). And that’s not even considering downtime, which also costs a company a lot in decreased productivity. Average ransomware downtime has also gone up, from 12.1 days in quarter 3 to 16.2 days in quarter 4. So, ransomware is becoming more costly, more time-consuming, and more devastating.

Now ransomware criminals have formed a sort of underground economy, offering Ransomware as a Service and making it easier for inexperienced criminals to get involved by purchasing access to tools. Read more about that here.

Ransomware is still a problem and how to protect against it

Business data has been encrypted. malware attack. ransom malware name is wanna cry. vector illustration.

While ransomware is still a problem with growing consequences, the capability of enterprises to protect against it is also increasing. So, the good news is that we have tools to ramp up your security and keep ransomware attackers at bay. Here are some recommendations to protect yourself:

Exit mobile version