According to cybersecurity firm Bitdefender, ransomware is now estimated to be a $2 billion a year business. At the start of 2016, it was already a billion dollar business, but thanks to WannaCry, NotPetya, and the thousands of other ransomware attacks across the globe, revenues have doubled.
What does that mean for ransomware in 2018? Unfortunately, it doesn’t show signs of stopping. Bitdefender says ransomware developers are experimenting with targeting the GPU (Graphics Processing Unit) instead of the CPU (Core Processing Unit) of the computer, meaning file encryption could be completed much faster. Forrester also predicts that ransomware in 2018 will target IoT systems (most of which have incredibly weak security) and mission-critical POS systems. With the average price to unlock files skyrocketing from $410 dollars in early 2016 to $1,000 today, criminals have a much higher potential payday against businesses, and attacks against them as such have tripled in 2017.
First of all, beware of links sent in emails, and keep your anti-virus and firewalls up to date. Some cybersecurity firms also offer special ransomware to block malicious downloads and exploit kits. However, phishing emails continue to be the most popular delivery method for ransomware, so it’s extremely important to be cautious about opening and clicking on any attachments. There are 160 distinct families of ransomware currently known, with one in six emails now containing ransomware. There’s only so much anti-virus or anti-malware products can do to keep up, which is why human vigilance is more important than ever.
It’s also important to keep several copies of your files in different locations and different networks. It’s not enough to have a single backup of your files on the same network as your production data. Ransomware has evolved to spread across a network and infect everything on it. Remember the 3-2-1 rule: Three copies of your data, in two different locations, with one offsite. This will help ensure that your data integrity remains intact even if your files are held hostage.
If you’ve been infected, try to avoid paying the ransom if at all possible. It’s not always possible, but security researchers and the FBI recommend not paying because it helps dissuade further attacks, and because payment doesn’t always guarantee a safe return of files. In fact, less than half of the victims who pay up recover any files. See the following resources if you or your company have been hacked.
Ransomware is a great way for criminals to make money, and they’re only going to refine their attack methods to ensure even more success in 2018. Stay on the alert as we head into the new year.
Looking for more ransomware resources? Check out the following:
What is ransomware, and how do you protect against it? Ransomware has been rising at an “alarming rate,” according to security researchers, with a 3,500 percent increase in criminal use of net infrastructure that helps run ransomware campaigns. (read more)
Ransomware in healthcare: What you need to know: Ransomware was officially a billion dollar crime in 2016, with more than 4,000 attacks since Jan. 1 and at least 25 variants of ransomware discovered. (read more)
Breaking down the WannaCry ransomware attack :Companies across the globe are still reeling and recovering from the global ransomware attack known as WannaCry on Friday, which took down tens of thousands of machines in 150 countries, including Britain’s National Health System. (read more)
How does Ransomware as a Service work? Ransomware has made headlines time and again for its devastating effectiveness on governments and organizations, but researchers are starting to pay attention to a developing trend within ransomware: Ransomware as a Service (RaaS). (read more)
What is Malvertising? Malvertising, a portmanteau of “malicious” and “advertising” has quickly become popular with bad guys everywhere. Its first appearance was detected in 2007, and it’s been on the rise ever since. (read more)
Otava provides the secure, compliant hybrid cloud solutions demanded by service providers, channel partners and enterprise clients in compliance-sensitive industries. By actively aggregating best-of-breed cloud companies and investing in people, tools, and processes, Otava’s global footprint continues to expand. The company provides its customers in highly regulated disciplines with a clear path to transformation through its effective solutions and broad portfolio of hybrid cloud, data protection, disaster recovery, security and colocation services, all championed by an exceptional support team. Learn more at www.otava.com.