Ransomware attacks skyrocketed 485% in 2020. Attacks on large companies like JBS (the world’s largest producer of beef and pork) shut down plants in multiple countries and had widespread impacts.
If you think you’ve been hearing more about ransomware in the past year than you have before, it’s not your imagination. Several factors have contributed to the rise of this specific type of malware and have made it one of the most dangerous types of attacks a business can face.
In the past year, there has been a 60% increase in ransomware attacks on Australian companies.
Any cybersecurity and business continuity plan should have safeguards in place to mitigate the risk of a ransomware attack. This includes IT security protections to prevent an attack as well as a response strategy to bounce back from an attack fast and without needing to pay the ransom.
What’s fueling the rise of ransomware? It’s a combination of several things.
Ransomware Is Particularly Devastating
If your network is infected with spyware, this can lead to a devastating data breach. However, it doesn’t immediately shut down your systems or make it impossible for you to conduct business.
Ransomware is one of the most devastating types of attacks because it generally brings business operations to a halt.
Ransomware uses a key to encrypt data so the user can’t access any of their files. It also quickly spreads across a connected network, even to cloud storage environments.
As soon as a company is hit, it generally knows immediately, because some of its software may stop working. For example, patient management software won't bring up patient records, scheduling software can't access any appointment data, etc.
It’s that jarring halt to operations and the related downtime costs that put companies in desperation mode when they’re attacked, making them more likely to pay the attacker.
Ransomware as a Service (RaaS)
Ransomware is no longer just one cybercriminal launching an attack. It’s become an entirely new business for large underground criminal organisations.
Ransomware as a Service (RaaS) is now offered in much the same way as Software as a Service (SaaS). Any wannabe ransomware attackers without any coding experience can simply sign up for a pre-packaged ransomware attack service.
This democratisation of ransomware attacks has fueled the steep rise in attack volume. Anyone can now launch an attack without prior expertise for less than about $100 per month.
RaaS is now responsible for nearly two-thirds of all ransomware attacks.
Most Victims Pay the Ransom
Companies keep paying the ransom, which further emboldens the attackers to continue hitting more businesses. Other criminals see how lucrative ransomware can be and hop on the bandwagon looking for a quick score.
Approximately 57% of companies that are attacked end up paying the ransom. As long as this keeps happening, it’s affirming to the criminals that they have a good business model, thus they’ll continue attacking more companies and re-attacking those they’ve already hit.
Too Many Companies Never Test Their Backup
Most companies know that they should have a reliable backup of all their business data. However, many of them begin backing up data but never test the recovery process.
In many cases where a company pays the ransom to an attacker, it did have a backup of its data. But the backup was never tested, so company staff were unsure how long restoration would take and thought paying the ransom would be a faster way to get operations up and running again.
This is where the desperation factor comes into play. Companies are losing money each minute their operations are down and if they have never tested their data recovery process, then it’s an unknown how long it will take.
It’s important to regularly check your backup restoration during incident response drills. This ensures that you have time to optimise your process and can be ready for fast recovery in the event of an attack without needing to pay the attacker.
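A restore drill of the kind described above can be scripted so that every run produces two facts: whether the restored files match what was backed up, and how long the restore took. The following is an added example, not code from Connected Platforms; it assumes the backup is a tar.gz archive with a manifest of SHA-256 hashes recorded at backup time, and the function names, sample files and recovery-time target are hypothetical.

```python
import hashlib, io, shutil, tarfile, tempfile, time
from pathlib import Path

def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()

def restore_drill(archive, manifest, rto_seconds):
    """Restore into a scratch dir, verify against the manifest, time it."""
    start, problems, restored = time.monotonic(), [], {}
    with tempfile.TemporaryDirectory() as scratch, tarfile.open(archive) as tar:
        root = Path(scratch).resolve()
        for member in (m for m in tar if m.isfile()):
            target = (root / member.name).resolve()
            if root not in target.parents:  # refuse paths escaping scratch
                problems.append(f"unsafe path: {member.name}")
                continue
            target.parent.mkdir(parents=True, exist_ok=True)
            with tar.extractfile(member) as src, open(target, "wb") as dst:
                shutil.copyfileobj(src, dst)
            restored[member.name] = sha256_file(target)
    for name, digest in manifest.items():  # manifest: relative path -> sha256
        if name not in restored:
            problems.append(f"missing: {name}")
        elif restored[name] != digest:
            problems.append(f"corrupt: {name}")
    elapsed = time.monotonic() - start
    if elapsed > rto_seconds:  # restore slower than the recovery-time target
        problems.append(f"restore took {elapsed:.1f}s, target {rto_seconds}s")
    return {"ok": not problems, "files": len(restored),
            "elapsed": elapsed, "problems": problems}

def make_sample_backup(workdir):
    """Constructed sample: two small files, a tar.gz, and its manifest."""
    files = {"patients/records.csv": b"id,name\n1,Sample\n",
             "schedule/appointments.csv": b"id,slot\n1,09:00\n"}
    archive = Path(workdir) / "backup.tar.gz"
    with tarfile.open(archive, "w:gz") as tar:
        for name, data in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return archive, {n: hashlib.sha256(d).hexdigest() for n, d in files.items()}

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        print(restore_drill(*make_sample_backup(d), rto_seconds=60))
```

Keeping the elapsed time from each drill gives staff a measured restoration figure to rely on during an incident instead of a guess.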
Large Criminal Organisations Are Optimising Ransomware Delivery
Because ransomware has become such a lucrative attack for large and small criminal groups alike, it’s become like any other process that a corporation would optimise.
Large criminal groups are improving the process of ransomware delivery, honing their phishing tactics, and making ransomware more profitable for them, and more of a threat to businesses around the world.
Workforces are Now Spread Out Between Home & Office
Due to the pandemic, workforces are now spread out between home and office. This has provided a vulnerability for attackers to exploit with phishing emails and attacks against home networks.
For example, one of the prevalent phishing scams going around tries to trick remote employees into thinking their office needs them to update their email passwords due to new IT security policies for remote teams. If a work-from-home employee isn’t keeping in daily contact with the office, they can easily fall for this type of ploy.
Reduce Your Risk of a Ransomware Attack With Help from Connected Platforms
Connected Platforms can help your Brisbane area business review your IT security strategy and put any needed mitigation and response solutions in place to shore up your defences.
Contact us for a free consultation. Call (07) 3062 6932 or book a coffee meeting online.