Ransomware: What You Need to Know Before, During, and After an Attack
“Your files have been encrypted. You have 5 days to submit the payment, or your files will be lost.” The ominous message glaring out from your screen isn’t farfetched—or even unusual. Instead, this common scenario plays out continually. By the end of 2021, ransomware attacks are expected to target global businesses every 11 seconds."
Ransomware is on a meteoric rise – increasing in frequency, severity, and sophistication. As ransomware has proliferated over the past year, more than half of organizations have fallen victim to an attack. With increasing attacks come higher financial and operational impacts, including ransomware payments and associated costs, operational downtime, and remediation efforts. In Q3 2020 alone, the average ransomware payment increased more than 30% over the previous quarter.
Driven by the COVID-19 pandemic, businesses have greatly accelerated their digital transformation efforts. From healthcare organizations to government agencies to manufacturing companies and every industry in between, the rapid shift to remote work generally has created wider attack surfaces and less secure environments. The result? A boon to cybercriminals.
What is ransomware exactly?
Ransomware is a type of malware that prevents access to a system or data until the victim pays a ransom. Using a variety of methods, attackers typically encrypt a victim’s files and render them incapable of opening. The attacker then provides instructions and requests a fee (aka, the ransom) in cryptocurrency from the victim, dangling a carrot in the form of a decryption key to unlock the encrypted data. Whether the victim pays or not, there is no certainty that the files will be returned or access restored.
In the world of ransomware, cybercriminals are the most common culprits. Cybercriminals conduct ransomware attacks for economic benefit. Ransomware tool kits are widely available for purchase on the dark web (think RaaS – Ransomware as a Service), enabling even less skilled cybercriminals to carry out ransomware attacks for profit. The ease with which attackers can execute ransomware attacks also contributes to its continued growth, notes the 2020 Data Breach Investigations Report.
Is my organization at risk?
Ransomware attacks impact individuals and organizations across industries and around the globe – no organization is immune. Small and medium-sized businesses remain popular targets, representing 62% of incidents (Beazley 2020 Breach Briefing). In contrast, 38% of ransomware incidents target the middle market.
While ransomware is an issue across industries, some are harder hit than others. Healthcare, professional services, and financial services alone account for more than half of ransomware incidents. The healthcare industry is among the most targeted, with financially motivated cybercriminals using ransomware attacks to exploit sensitive patient data.