How many articles have you read that highlight the devastation of a ransomware attack? Convinced a ransomware attack won’t happen to you? Are you willing to bet your business on it?
Projected to attack one business every 14 seconds by the end of this year, ransomware attacks are not just heavy on the purse but can have a devastating impact on lost sales, customer relationships, brand reputation and overall compliance.
But what is ransomware?
Known as one of the most horrific methods of online attacks, Ransomware is the crippling cyberattack you want to avoid at all costs.
It is a type of malware that upon infecting a device, blocks access to it or to some or all the information stored on it. In order to unlock either the device or the data, the user is required to pay a ransom, usually in widely used e-currency.
How does ransomware work?
Infecting computers, mobile devices and networks ransomware not only disrupts business activity, but to restore data you must pay exponential amounts of money to the ransom holder for the decryption key.
With the knack of destroying everything digital, it has the power to bring your business to a standstill through one click of a button.
How do I get ransomware?
There are several different ways that ransomware can infect your computer, with the two most common including malspam and malvertising.
Malspam, known as malicious spam to the unsuspecting, uses social engineering to send unsolicited emails that appear to be from a trusted institution, with booby-trapped attachments and links to malicious websites set on delivering malware.
Malvertising, or malicious advertising, is the use of online advertising to distribute malware with little to no user interaction required. While browsing the web, even legitimate sites, users can be directed to criminal servers without ever clicking on an ad. These servers catalog details about victim computers and their locations, and then select the malware best suited to deliver. Often, that malware is ransomware.
The evolution of ransomware
Thanks to Artificial Intelligence (AI) and the proliferation of cryptocurrencies such as Bitcoin, ransomware is getting stronger. Backed up by robots analysing the algorithms of your digital behaviour and forecasting reactions based on activity, by eradicating the human element, ransomware has now become the digital doom that is better prevented than it is resolved.
Who does ransomware target?
Growing at a sophisticated pace, exposure to ransomware is becoming increasingly more prominent than ever before. With over 92% of malware delivered by email and the average cost amounting to a whopping 4 million, businesses are forced to protect valuable data quickly and cost-effectively with a future proof data strategy.
There are no limits to the ambition and audacity of attacks. The bigger the target, the bigger the damage and recovery costs. However, the most targeted sectors for a ransomware attack include (but are not limited to):
Enterprise networks: According to the NCSC, ransomware attacks against enterprise networks have continued to rise in number and sophistication. Sole Traders/Individuals: Individuals are targeted usually with smaller ransoms in the hope that victims would rather pay than go through the hassle of recovery. Public Sector: However, a recent string of high-profile ransomware attacks in the UK such as the NHS WannaCry attack highlights how cyber criminals are targeting the public sector and national infrastructure. Public organisations may not have the same level of security and expertise as the private sector. Critical services are also tempting for cyber criminals due to the high expectation of their continuity.
EXAMPLE: One of the biggest ransomware attacks in the UK included the 2017 Wanna Cry outbreak which bought the NHS to a standstill for several days afflicting over 200,000 computers in over 150 countries and resulting in the cancellation of thousands of operations and appointments and the frantic relocation of emergency patients from stricken emergency centres.
Types of ransomware to look out for
There are three main types of ransomware to look out for, in and among the crypto locker, mobile ransom, and mac ransom gremlins:
- Scareware: This tends to be an annoying popup stating that malware has been located and that you need to pay for a special software to remove it
- Screenlockers: When lock-screen ransomware gets on your computer, it means you’re frozen out of your PC entirely. It appears as a full-size window with an authority seal stating that illegal activity has been detected on your computer and you must pay a fine
- Encrypting ransomware: This is one of the worse types of ransomware, accessing and then coding your data, shortly followed by a high demand for a large sum of money in exchange for a decoder.
What does a ransomware attack look like?
It would be great if there was a big fat red flashing neon sign that lights up your computer screen as soon as you become under attack from ransomware. In reality, a ransomware attack can be as unsuspecting as a spam email – simple text with an immediate CTA directing you to the source of attack.
To many, it could read as innocently as an email from a colleague.
As a staggering 137.6 million new malware samples were reported in 2018, reaching 24.55 million within four months of 2019, the need to protect and prevent has become crucial to businesses across the globe.
Should you pay the ransom?
From AI integration to Blockchain, businesses need to combine next generation and intelligent technology addressing threats before the slightest risk of data invasion.
As the risk of a ransomware attack looms, the imminent question, is should you pay the ransom? In short, no.
The NCA strongly recommends you do not pay the ransom. Paying the ransom fuels the ransomware industry. You do not have any guarantees that paying the ransom will result in a full recovery of all affected data. If you are a victim of a ransomware that deletes a percentage of data every hour such as Jigsaw, you are paying and not even getting every file back!
Earlier this year, global aluminon provider, Norsk Hydro, experienced the devastation of a hacker’s attack. Bringing down 22,000 computers across 170 sites in 40 countries, the entire workforce of 35,000 people had to resort to pen and paper! Production lines shaping molten metal were switched to manual functions, and even long-retired workers came back in to help colleagues run things "the old-fashioned way".
However, Norsk Hydro refused to pay the hackers. Costing them £45 million and still clawing back the after affects three months after it happened, what they lost in productivity they have gained in reputation.
More recently, British rock band Radiohead thwarted an attempted digital ransom, in which unnamed hackers stole 18 hours of unreleased music dating back to the band’s recording of its studio album OK, Computer. Instead of paying a ransom to keep the music secret, Radiohead released the files themselves, giving listeners a chance to stream the content for free, or download it for a fee which would be donated to a climate change charity.
Europol's head of the European Cybercrime Centre, Steven Wilson summed it up in one hit:
How can I prevent ransomware?
Be prepared for the almost inevitable. Be proactive, not reactive. Especially if you’re in the cloud or an Microsoft 365 subscriber, according to the NCSC.
Block and attack at any entry point in your business, including mobile devices (your employees don’t even know that being glued to their network via an unsecured phone is a big, wide gate for ransomware). Step up your cybersecurity. Invest in regular cybersecurity training for all your staff.
Put a nanoscope on your infrastructure using AI to find malware or ransomware that might already be living and breathing in there without you even noticing. And, despite our best efforts to engage socially on slick platforms, emails are still king. Again, using AI to protect your data means lightning fast analysis with primed response ready to take urgent action.
Data protection shouldn’t be a logistical and financial minefield. Nobody needs extortionate upfront costs and sneaky upgrades that get added to your bill. You need a quick start with zero upfront costs.
In any disaster recovery situation, every second counts. Even with complete disk-image backups of an entire server, businesses still need to restore the system by moving data from backup storage to their production hardware which can take hours.
With over 15 years in the industry, 200,000 ransomware attacks prevented and managing over 5000 petabytes across the globe, to say Acronis are passionate about cybersecurity would be an understatement.
Thanks to Acronis Cyber Protection, the integrated technology is transparent to the hypervisor, enabling virtual machines to start, operating systems and applications to run almost instantaneously; allowing business activity to continue.
Acronis Cyber Backup is the only active, AI-based anti-ransomware solution on the market. Safeguarding all data for any environment, deployment, workload, and storage, with any recovery method, it focuses on five levels of integration including safety, accessibility, privacy, authenticity and security.
Considered one of the biggest malware threats of 2018, ransomware has been predicted to increase by 300% year over year, continuing to hone down on small to medium businesses with devastating consequences.
Stop the gremlins and prevent ransomware with Acronis today!
Acronis is a Swiss company, founded in Singapore. Celebrating two decades of innovation, Acronis has more than 2,000 employees in 45 locations. Acronis Cyber Protect solution is available in 26 languages in over 150 countries and is used by 18,000 service providers to protect over 750,000 businesses.