What's Going On With the Sudden Rise in Ransomware Attacks?
/Does it seem like suddenly the terms “ransomware” and “cybersecurity” are everywhere? It’s not your imagination. The recent attacks on Colonial Pipeline and JBS, the world’s largest beef and pork producer, have been a cause for alarm.
Ransomware has been a particularly nasty form of malware that’s been around for a while. But of late it has started eclipsing other types of attacks like viruses or spyware due to the alarming rise in the volume and cost of the attacks.
Just 12 months ago, the average cost to remediate a ransomware attack was an already crippling $761,106, but now it’s more than doubled to $1.85 million per attack.
The costs included in that figure are:
Business downtime
Lost orders
Operational costs
Emergency remediation costs
And more
The recent attack on Colonial Pipeline shows just how devastating and urgent a ransomware attack can be. When the company was hit on May 7th with ransomware, it had to shut down pipeline operations. This is a pipeline that supplies 45% of the East Coast’s gas, diesel fuel, and other petroleum-based products.
People panicked and began hoarding gasoline causing major shortages throughout several states. The national price for a gallon of gas also rose higher than it’s been since 2014, to over $3.00 per gallon due to the ripple effects of the attack.
Then, while everyone was still reeling from that attack, global meat producer JBS was also hit with ransomware, leading people to worry about what that will mean to the beef and pork supply. Several factories had to be shut down for nearly a week.
So, what’s going on?
We’ll go through some of the main causes for the rise of ransomware and provide guidance on how to avoid becoming another ransomware headline through proper cybersecurity best practices.
Why Has Ransomware Become So Big?
Ransomware Often Results in a Full Shutdown
Ransomware is a form of malware that encrypts files and then rapidly seeks out other devices on a network. It infects all the files it finds on that device and continues.
It’s not unusual to have several devices and unprotected cloud storage accounts all infected in a very short time due to the way that ransomware rapidly spreads.
Once encrypted, users can no longer access the files. This causes companies to need to completely shut down in most cases because they rely on technology for their operations.
What happens next is that the attacker’s note appears on the screen demanding a dollar amount as a ransom. The promise being that if the ransom is paid, the hacker will provide the encryption key to unlock the files so the organization can resume operations.
Because of the immediate shutdown of operations, ransomware is a particularly urgent form of malware that tends to get a quick response, something that hackers see as a bonus.
More Than Half of Ransomware Victims Pay the Ransom
If you were selling various consumer products and one of them really started to take off. You’d focus more of your time and effort on that product that was bringing in the most revenue. Your competitors would probably take notice and begin producing their own version of that product to sell as well since it was so popular.
That’s similar to what’s happened with ransomware and why attacks have been exploding. It’s become quite lucrative for attackers as a money-maker, so they focus more of their attention on ransomware attacks.
Other hackers and cybercriminals, including large state-sponsored groups, are seeing that ransomware brings in the money and are perpetrating attacks as well.
When ransomware victims pay the ransomware (which 56% of them do), it further confirms to criminals that this is a good business model for them.
Criminal Organizations Are Offering Ransomware as a Service
Most people are familiar with Software as a Service (SaaS), which are cloud tools they subscribe to and use every day. Well, due to the lucrative nature of ransomware, criminal organizations have been looking for other ways to make money from it.
One of these is selling ransomware as a service, which democratizes these types of attacks. It makes it easy for anyone with the money to invest in the service to roll the dice on collecting a ransom. With more players in the game, no size company is safe. There will be attackers that specialize in large enterprises, while others see small businesses as low-hanging fruit.
Best Practices to Avoid Becoming a Ransomware Victim
Best practices for reducing your risk of a devastating ransomware attack follow the same standard for overall cybersecurity. One critical addition is the need to have a fast recovery process for your backup strategy to ensure you can mitigate downtime costs.
You should have in place the following safeguards:
Firewall
Antivirus/anti-malware
Multi-factor authentication on all logins
DNS filtering
Email phishing filtering
Employee security awareness training
Backup and recovery solution (with fast recovery)
Incident response plan that is practiced regularly
Patch and update management
Ongoing network monitoring
Get Managed Security to Cover All Your Bases!
Don’t risk falling victim to a costly ransomware attack. BrainStomp has managed IT services that cover all your bases when it comes to IT security best practices.
Schedule a free consultation today! Call 260-918-3548 or reach out online.