By Cody Lents, Partner and Customer Steward at COVI, Inc.
If you haven’t already seen a headline about it, the use of a troubling form of malware continues to rise among hackers. Ransomware is a form of malware designed to encrypt files on a device, rendering those files and systems unusable. Malicious actors then demand ransom in exchange for decryption.
The numbers can be staggering. In Q4 2021, the average ransom payment reached $322k, which is 130 percent higher than the previous quarter. The median ransom payment amount was $117k up 63 percent compared to Q3.
According to an analysis published by Coveware, which looks at ransom negotiation data from Q4 2021, ransomware groups now demand higher ransom payments instead of increasing the volume of their attacks.
Law enforcement has tried – but has largely been unsuccessful at – tracking down those responsible for ransomware attacks. However, there have been some arrests over the years, forcing hackers to narrow their targeting scope to maximize the efficiency of their operations.
While the impact is devastating for small businesses, law enforcement has little recourse to help. However, disrupting the operation of large organizations provokes full-scale investigations and creates political tensions on the international level, and crooks are now striving for a delicate balance. So, who is their target now? Hackers are looking at firms that are large enough to receive hefty ransom payment demands but not big or critical enough to cause them more geopolitical troubles than gains.
New data also suggests that companies who employ over 50,000 people experienced fewer incidents, as hackers chose to focus more on mid-sized organizations.
There are systems and processes in place to prevent such attacks, but common sense is also critical to ensuring your company remains safe and secure.
Never click on unsafe links: Avoid clicking on links in spam messages or on unknown websites. If you click on malicious links, an automatic download could be started, which could lead to your computer being infected.
Avoid disclosing personal information: If you receive a call, text message, or email from an untrusted source requesting personal information, do not reply. Cybercriminals who are planning a ransomware attack might try to collect personal information in advance, which is then used to tailor phishing messages specifically to you. If there’s any doubt as to whether the message is legitimate, contact the sender directly.
Do not open suspicious email attachments: Ransomware can also find its way to your device through email attachments. Avoid opening any fishy-looking attachments. To make sure the email is trustworthy, pay close attention to the sender and check that the address is correct.
Never use unknown USB sticks: Never connect USB sticks or other storage media to your computer if you do not know where they came from. Cybercriminals may have infected the device and placed it in a public place to entice someone into using it.
There has never been a more critical time to utilize the expertise of a company to develop a comprehensive security program. Effective ransomware prevention requires a combination of solid monitoring processes, frequent and robust backup strategies, Next-gen Antivirus and Anti-malware software, A.I. powered detection & response software (EDR), human-powered Threat Hunting & Remediation, cyber liability insurance, and above all user training.
Through the use of these services, your company can greatly limit the chance attackers will be successful, ultimately saving both your time and money.