Ransomware is a type of malware that can either encrypt all of your data (i.e., crypto-malware) or lock you out of your computer. Once the ransomware has infected your computer, it will ask you to pay a ransom, usually in the form of cryptocurrency (e.g., Bitcoin), in exchange for decrypting your data or unlocking your computer.
Seven out of 10 malware payloads were ransomware. The three most common ways ransomware spreads are through ransomware-infected emails, software vulnerabilities, and security control and/or architecture weaknesses that can be exploited. In 2020, 73% of all ransomware attacks were successful.
Ransomware attacks can be devastating, especially for small businesses that can’t afford to pay a ransom for their data. That’s why it’s important to stay informed about what ransomware is, how it works and the types of ransomware there are.
There are many types of ransomware, and with new ransomware threats constantly appearing, it can be a little daunting. According to recent ransomware statistics from cybersecurity firm Coveware, these were the most used ransomware attacks in 2020:
- Maze — Data-stealing ransomware that threatens to sell your data
- Phobos — Ransomware that locks productivity documents
- REvil (Sodinokibi) — Ransomware program that’s difficult to detect
It’s important to remember that ransomware is a business -- attackers have a profit incentive. According to a study by security firm Sophos, in 2020, 51% of businesses were impacted by ransomware, and it is expected that by the end of 2021 a company will be impacted by a ransomware attack every 11 seconds. The COVID pandemic has made matters even worse as cybercriminals have started to attack new entities, including schools, healthcare providers, and government institutions. The recent U.S. Colonial Pipeline ransomware attack is just one of many examples.
Ransomware costs businesses billions of dollars each year, which translates to about $8500 per hour. By the end of 2020, cybercriminals using ransomware had accumulated $20 billion in ransom payments. That number is projected to reach $265 billion by 2031, according to Cybersecurity Ventures.
The average ransom demand reached $178,000 in 2020. Fortunately for small businesses, the average is only $5,900. The highest reported payment was made by U.S. travel services company CWT Global in July 2020. The ransom settlement was around $4.5 million.
So how do we protect ourselves against becoming a victim of ransomware? For one thing, organizations must have a reliable backup strategy, both online (cloud) and local, so that data can be restored to its state before the ransomware infection. Backups, however, can’t stop the attacker from still having your data and threatening to sell it on the dark web.
Organizations must have a robust defense-in-depth security strategy with a zero-trust model approach. They must have strong multi-layered encryption, adaptive multi-factor authentication, accurate data classification, and proper role-based and/or attribute-based access control. Lastly, organizations require a comprehensive, easy-to-follow Security Awareness Training program to ensure their users are well-versed in the threats, risks, and consequences of an attack and in how to work safely. Turn your users into “human firewalls.”