Insights

Ransomware Amidst a Pandemic
Potential for catastrophic loss if stringent cybersecurity protocols are not followed


GettyImages-1272168490.jpg

Ransomware demands and payments continue to escalate. In fact, cyber risk assessment firm NetDiligence found the average requested ransom amounts rose 200% from 2018 to 2019, averaging $115,123 in 2019. According to Crypsis Group, a leading digital forensics company, the highest ransom paid was on average $5 million and the highest demand was $15 million.

What Is Ransomware?

Simply stated, ransomware is a type of malware designed to deny access to a computing system or data (usually via encryption) until a ransom is paid. In 2012 when ransomware first emerged on the cyber landscape, demands were anywhere from $500 to $50,000. With demands today in excess of $20 million, it has become clear these numbers are not going down. Ransomware has become an increasingly prevalent threat to organizations worldwide and recent attacks have shown that all companies, regardless of industry or size, are at risk.

Ransomware is an ever-evolving attack tool and even the simplest form can cost a company significant time and money. The more severe strains can cripple a company completely. Even worse, hackers have a tendency to duplicate successful attacks and hit victims repeatedly. In addition to the actual ransom payment, companies suffering downtime, even if not significant, are likely to experience a substantial decrease in consumer trust. According to Coveware, the average number of days companies were down due to an attack is 16.4

While all industries may fall prey to an attack, governments, educational institutions and professional services firms are frequent targets due to their lack of cybersecurity preparedness, typically resulting from a lower budget compared with larger, more regulated industries. The most common ransomware attack vectors are remote desktop protocol compromise, email phishing and software vulnerabilities.

Simple Best Practices

While ransomware attacks are prevalent and increasing in cost, there are several basic risk mitigation techniques companies can employ to avoid falling prey to an incident. They include:

  • Educate and regularly test employees. Conduct regular social engineering and phishing campaigns so employees can recognize suspicious emails and avoid clicking on unfamiliar links.
  • Back up your files often, ideally on a cloud backup service. 
  • Segment your networks to keep critical computers isolated and prevent the spread of malware in case of attack.
  • Lock down admin rights on desktops and disable remote desktop protocols (unless and until there is multi-factor authentication (MFA) in place). 
  • Patch often to avoid falling prey to known vulnerabilities that hackers target. Include desktops, laptops, servers, applications, browsers, mobile devices and web plugins. This includes turning off any auto-update features.
  • Have a crisis plan. This includes having pre-established relationships with expert privacy counsel and cybersecurity vendors. Since ransomware payments are usually demanded in the form of cryptocurrency, it is important to ensure your cybersecurity vendor has a bitcoin wallet.
download full article