Ransomware: Cybersecurity’s Biggest Bully Yet
Can you imagine logging into your system to access your business data and being unable to do so? Talk about your worst nightmare coming true!
Unfortunately, an increasing number of businesses around the world are living this nightmare with countless others coming in the line of fire, including yours. Ransomware is growing rapidly and crippling businesses worldwide, making up 27 percent of all malware incidents in 2020.
If you aren’t already in the know, ransomware is a type of malicious software that gains access to files or systems on your network and blocks your access to them until you pay a ransom in exchange for a decryption key.
Sounds pretty serious, but why are we calling it cybersecurity’s biggest bully yet? Keep reading to know all about its history, destructive impact, and dangerous growth trajectory to get your answer.
Three Decades of Bullying and Counting
In 1989, ransomware claimed its first victims when a Harvard-educated biologist and AIDS researcher, Joseph Popp, distributed 20,000 floppy disks loaded with ransomware to AIDS researchers across 90 countries.
He claimed that the disks had a program that could analyze an individual’s risk of acquiring AIDS via a questionnaire. The recipients were unaware of a malware program inside the disks that activated itself and locked the computers after they were powered on for the 90th time post the malware’s entry into the system.
Once active, the malware displayed a message first demanding $189, and later another $378, for a software lease from a company called PC Cyborg. This attack became notoriously known as the AIDS Trojan or the PC Cyborg virus. That year, a new and formidable cybersecurity threat was born.
Ransomware’s emergence, however, began nearly 20 years later when ‘Police Locker’ attacks burst onto the scene. These attacks used a malware that changed a user’s desktop screen to depict a false note from a law enforcement agency – the police or the FBI. Interestingly, the attacks did not use encryption and could have been resolved simply by rebooting the computer, but it was the fear tactic that compelled several victims to pay hundreds of dollars in ransom.
Modern-day ransomware developers have come a long way since Joseph Popp in the late 80s, the use of RSA encryption in the mid-2000s and attacks such as Police Locker. While early ransomware developers developed the encryption code on their own, today’s attackers use existing libraries, which are harder to tackle, as well as spear phishing, among other methods.
Some of the most advanced cybercriminals are making a fortune out of selling ransomware-as-a-service, which has allowed even attackers with less technical skills to carry out massive attacks. Ransomware, such as CryptoLocker, CryptoWall, Locky and TeslaCrypt, are just some of the attacks that have emerged out of this new industry.
A Weak Defense Equals Surrender
Most organizations, especially small and medium-sized businesses, either assume that they will never experience a ransomware attack or that their cyber insurance will bail them out by paying the ransom. While the former is a misconception that needs to be done away with, the latter is still a possibility, but only if your cyber insurance covers ransomware. While 84 percent of businesses have cyber insurance, only 64 percent have policies covering ransomware.
Remember, a weak defense against ransomware is tantamount to leaving your business’ future in the lurch.
You no longer have the time or the liberty to put off investing in best-in-class cybersecurity solutions that can help you adopt a preventative approach towards fighting ransomware. Having a trusted MSP partner will make it easy for you to adopt best practices such as endpoint security and backup, identity and access management, automated phishing defense, Dark Web monitoring, and security awareness training.
While no one can ever guarantee 100 percent protection against ransomware, there’s a lot you can do currently to build a resolute defense against it.
Get in touch with us and let’s talk about how you can ward off cybersecurity’s biggest bully before it puts your business’ future in jeopardy.