Ransomware and How to Prevent It
Updated: May 23, 2019
By Bob Hryniuk
It seems that for every good thing in life there is a crime to exploit it. Cyber activities are no exception, and with our growing addiction to all things "e", extremely sophisticated cybercrime has evolved. One type of malware that has been growing over the last 10 years is ransomware, and due to its financial success coupled with the failure of law enforcement to apprehend its perpetrators, it is predicted to continue to grow through 2018 and beyond.
Although ransomware has been around since about 2005, it has made large strides in recent years. Among the viruses that waged global attacks in 2017, the biggest menaces were WannaCryptor (also known as Wannacry) with its partner DiskCoder.C. as well as ExPetr and BadRabbit. Wannacry is a crytpoworm that invades Windows computers and demands payments in the form of Bitcoin cryptocurrency. It works with another exploit virus and automatically propagates itself into thousands of other devices. Older and unsecured Windows devices are particularly vulnerable. It should be noted that hackers modify and develop new strains of malware relatively quickly, which makes restraining them even more elusive.
In 2016, CyberScoop reported that the average ransom topped $1,000, and it is estimated that losses were $1 billion in that year. In 2017 attacks have caused losses of hundreds of millions of dollars. Barkly reports that a company is hit with ransomware every 40 seconds, and the average cost of a cyberattack is over $5 million. In March of 2018, a Twitter user published the code to a DDOS exploit tool, effectively enabling anyone to launch a ransomware attack.
Hackers initiating ransomware often work in organized gangs, and have become a sort of "Global Cyber Mafia". The lack of law enforcement is jaw-dropping. Because hackers work from many different countries, jurisdiction restrictions make it almost impossible to prosecute anyone who is caught. Some agencies are beginning to learn how to apprehend and shut down cybercrime operations, but much more of this policing is needed.
Interestingly, the percentage of ransomware that produced payloads dropped from over 70% in June 2017 to less than 5% be the end of the year. This is attributed to several factors:
General awareness about WannaCry and increased security
Fewer victims paid the ransom
Many hacker groups switched to cryptocurrency-mining malware, which provides a more effective alternative to ransomware
The cryptocurrency market is volatile and victims are not able to obtain or pay it
Even though current trends seem to be shifting away from ransomware to cryptocurrency mining, ransomware is still a big problem, and you can take actions to guard against it.
How Can I Prevent an Attack?
Blackmail attacks are preventable, but it requires time and attention that often goes overlooked.
Educate yourself and your business: Even though employees are the primary gateway of malware into a business, continual review and updates on the latest threats can be extremely effective in reducing vulnerability. Allow your IT team the resources needed to keep your network secure.
Security: Take a proactive, common sense approach to prevention both at work and at home. Use only licensed, up-to-date software, a reputable anti-virus and malware application with regular scans and updates. Utilize a good spam filter in your email and black-list websites that are considered unsafe.
Backup, backup, and backup: With secure backups, your files will be safe and malware will not be able to impact or shut down your business.
Read more about cybersecurity in 2018.
What are YOU doing to prevent cyber attacks? Share with us on social media.
About the Author - Bob Hryniuk is a Client Support Systems Coordinator at HigherGround, and maintains the Client Support systems that respond to alarms, troubleshoot and emulate customer issues. Bob has been with HigherGround for 10 years, and has prior experience in telecommunications and other electronic communications. Click here for more information on Bob and the rest of the HigherGround team.
HigherGround, Inc. provides best-in-class, reliable data capture and interaction storage solutions that enable clients to easily retrieve critical information. Our interaction recording and incident reconstruction solutions transform data into actionable intelligence, allowing optimization of operations, enhanced performance, and cost reduction.