Crypto-ransomware attacks are growing in frequency and sophistication. It can affect your computer in several ways, including phishing. Attackers pose as legitimate institutions, sending malicious emails requesting that you open or download malicious files. Then, when you click on these emails, you inadvertently expose your computer to ransomware. This type of malware targets many different types of computer and internet users, making it difficult for you to keep up with the latest trends in cybersecurity.
Crypto-ransomware attacks
A business should prepare for crypto-ransomware attacks using a range of proactive security measures, such as vulnerability scanning and management. Vulnerability scanning helps identify assets, vulnerabilities, and unknown network threats. The results of this analysis can be fed into the patch management process. These measures also give visibility into unknown network threats and aid in early detection. Fortunately, these measures are generally not that difficult to implement. Read on for more information on how to prepare for ransomware attacks.
Several cyber criminals have launched ransomware attacks in recent years, including the notorious REvil. The REvil group, based in Russia, has been responsible for several high-profile attacks. While most of their attacks have targeted European and US businesses, they have been less successful in targeting former Soviet countries. In one of the most recent cases, the attackers exploited a vulnerability in a VPN service to encrypt files and demanded a ransom. The ransom demands have reportedly been settled for $2.3 million.
Cost of ransomware attacks
Healthcare organizations are especially susceptible to ransomware attacks. Ransomware is particularly expensive for these organizations because of the high cost of downtime. Moreover, healthcare organizations are more likely to pay the ransom than retail businesses. This is because healthcare organizations cannot afford to lock up data and cannot afford to experience a lengthy system outage. On the other hand, retail businesses can afford system outages and often withstand the financial consequences of a ransomware attack.
According to an IBM study, one-third of customers will take their business elsewhere if informed about a ransomware attack, and 60% will do so if there are two interruptions. IBM also lumps lost business expenses under the cost of a ransomware attack and estimates that businesses will lose more than $1 million each year because of the downtime caused by ransomware attacks. For example, TalkTalk lost 100,000 customers after a massive ransomware attack in 2015.
Targets of ransomware attacks
Cybercriminals target easily compromised organizations, such as government agencies, banks, and medical facilities because they know they will get paid fast. While these organizations may be less likely to employ extensive security measures, most ransomware attacks affect smaller businesses. Because of this, small and medium-sized companies can also be vulnerable to ransomware attacks.
First, encrypting files is one of the most common ways ransomware attacks can spread. These malware programs encrypt your files and require a ransom in exchange for the data. There is no set list for ransomware attacks, so cybercriminals can choose their targets based on what they can demand the information. Some ransomware groups target specific industries and use advanced tactics such as privilege escalation and lateral network movement.
Cost of paying the ransom
The average cost of paying the ransom to cyber criminals has increased over the past year. According to a Sophos survey, the total cost of a ransomware attack has doubled since last year. Companies are paying, on average, $170,404 for the decryption key, and only 8% of those organizations were successful at recovering all their data after paying the ransom. Another 29% recovered less than half of their data.
According to the Cybereason study of 1,400 cybersecurity professionals, nearly half of the respondents paid the second ransom demand, and 9% paid the third. Most organizations, however, were attacked by the same threat actors twice within a month. That meant the companies could not recover from the first attack before the second one. Of these organizations, 68% were attacked a second time within a month.