Ransomware is arguably both the most concerning and most successful form of cyber-attack that business has ever had to deal with. This insidious threat has been around in its modern form since the 2000s, using tried and tested social engineering tricks, helped out by vulnerabilities found across our technology and IT networks.
Well-established it may be, but ransomware is going nowhere. According to Kroll, a company that performs global investigations into cyber-risk, ransomware was the most observed threat in 2020. Here is a look at the impact that ransomware has had on the industry in 2020 and how to prevent ransomware in 2021.
The scourge of ransomware looks set to continue with an increase of 40% in ransomware attacks during Q3 of 2020. This equates to almost 200 million infections, globally. Some of the lowlights of ransomware in 2020 include:
2020 not only saw a surge in ransomware but the ransoms being demanded increased. A report from the insurance sector, “H1 2020 Cyber Insurance Claims Report” saw a 100% increase in ransomware demand. The report also pointed out that 87% of all claims made were due to three types of attacks: ransomware, funds transfer fraud, and business email compromise (BEC), with ransomware being the top claim type. The report also highlighted that ransomware is the great leveler; the losses from a ransomware attack being as severe for smaller organizations as for larger enterprises.
All ransomware attacks are nasty and cause a major impact on all types of organizations infected with the malware. However, there were some notable nasty ransomware attacks in 2020. One particular example stands out. An attack on a German hospital ended in the death of a woman who was turned away from the affected hospital as they could no longer take in patients; the re-routing of the patient to another hospital delayed treatment resulting in her death.
According to KPMG, Covid-19 themes were behind many ransomware campaigns during 2020. Organizations were targeted with realistic looking emails using Covid-19 related content. Cybercriminals also took full advantage of home working, offering free downloads of online collaboration tools to encourage the user to click a link or open an infected attachment.
Using Covid-19 related email scams to deliver ransomware is expected to continue into 2021. Security experts predict that ransomware threats will be propagated using Covid-19 vaccine related emails in the coming months.
Ryuk ransomware seems to be the weapon of choice for ransomware attackers in 2020. Attacks using Ryuk accounted for over one-third of all ransomware attacks in 2020, with 67.3 million infections caused by the malware by Q3, 2020. Ryuk is not a new type of ransomware but it is used persistently and new ways of infecting devices with Ryuk are always being explored. A recent example was a 2020 Ryuk ransomware campaign based on phishing emails that directed targets to a Google document on a GDrive. The target recipients were tricked into clicking the link with the promise of an important financial statement.
It is unlikely that 2021 will suddenly see the demise of ransomware attacks. Instead, organizations of all types and sizes have to head off this cyber-threat with a proactive security stance. There is no one-size-fits-all solution to ransomware prevention. Instead, the enterprise can use a mix of detect and prevent along with disaster recovery (if the worst does happen):
Ransomware can enter the network using several techniques, this includes hackers finding vulnerabilities in commonly used services such as Remote Desktop and its associated protocol (RDP). However, phishing is still a major route for malware (including ransomware) to enter the corporate network. To prevent ransomware from infecting a device and subsequently infecting a network, your organization should:
If the worst does happen, and your system is infected by ransomware, the damage can be minimized if you have a secure backup system in place.
Security is rarely an on/off switch. To create a secure working environment, especially one that may include a large number of remote workers, an organization needs to create a culture where security is second nature. This means turning to cloud-based security services that are designed to take the weight off an IT department in terms of securing data and IT resources. Modern security solutions are built to aid the IT team and provide security monitoring, reporting, and prevention, controlled using remote management interfaces to allow easy configuration.
2020 has been a challenging year for everyone and ransomware has only added to this. In 2021, we are unlikely to see cybercriminal activity decrease. The fraudsters behind ransomware will continue to use the technique to make money, and in doing so cause harm to organizations. By being proactive and using the right tools for the job, 2021 will hopefully turn out to be the year that ransomware met its match.
Make security second nature in your organisation with TitanHQ. Be ready for 2021 and prevent ransomware attacks. Get access to a free trial WebTitan today to test out all the protective features available.
Sign-up for email updates...