What is Ransomware and Why is it Still a Threat?
Ransomware is a huge security problem that organisations worldwide are having to tackle. It’s one of the most common forms of cybercrime out there, and no organisation is exempt from being a target – except for those who have sufficient levels of security protection.
Ransomware is a type of malicious software (malware) that can encrypt files on everything from a single device to an entire network. When a hacker has successfully got hold of some of your data, you are left with very little options of what to do. The hacker knows this of course, and holds this data ransom, forcing victims to pay large sums of money to have their data back.
We can probably all think of certain data right now that if in the wrong hands, could cause serious problems.
What does a ransomware attack look like?
Cyber-criminals are in it to make money, and their attacks are increasingly smarter. Their attacks are often personal, and on the surface can look harmless. Some ransomware infections start with an employee simply clicking on an attachment that looks normal but actually opens the door for malicious software to flood in and encrypt the network.
Some of the big types of ransomware to keep an eye out for look like these:
A huge ransomware attack took place in 2017 across the globe. In total, over 300,000 victims in 150 countries were victims, including a third of NHS hospital trusts. This attack cost the NHS a whopping £92 million in damages due to the disruption of work and ransom demanded.
Shortly after the WannaCry attack, the world was hit by another ransomware attack – NotPetya. This nasty attack encrypts victims files and also can encrypt entire hard drives by overwriting the master reboot record. This results in computers being completely non-operational, costing businesses thousands.
In the same year, Bad Rabbit appeared and attacked predominantly in Russia and Ukraine. Much of its code was shared with Petya, suggesting that there was a link between the two.
Much more recently in spring 2020, universities and charities in the UK, USA and Canada have been attacked through their cloud computing provider. Blackbaud is one of the largest providers of education administration worldwide as well as fundraising and financial management. Read more here.
It’s always useful to be aware of the ransomware attacks of the past as well as more recent attacks to ensure that you are as aware and vigilant as possible.
How much would a ransomware attack cost you?
The first immediate cost with ransomware attacks is, of course, the ransom. This can vary depending on the size of your company and the sophistication of the ransomware.
However, it is fairly common for hackers to demand millions of pounds, usually through Bitcoin.
Hackers are unlikely to demand smaller amounts of money because historically, they know data is valuable and that organisations will pay.
It’s also important to consider the cost of downtime for your organisation if ransomware affects the running of your business and the productivity of your network. As we saw with the WannaCry attacks of 2017, it cost the NHS £92 million due to the repercussions of the downtime.
Why is it a threat to me?
Any and every organisation is a potential target for hackers. Small and medium sizes businesses are a popular target though because they usually choose not to invest in the best cybersecurity available. This means that there are more blind spots, and more opportunities for hackers to infiltrate and cause damage.
Ransomware is increasing in its regularity and its success.
Sadly, it works.
How do I prevent ransomware attacks?
The best things that you can do is to invest in high-quality cyber-security solutions. This includes comprehensive security software as well as efficient training for every employee.
Ensure you are not an easy target.
It’s far better to invest in cyber-security provisions now than suffer paying significantly more in a ransomware attack in the future.
Every organisation can be targeted. Make sure you’re not one of them.