Over the course of 2019, the number of ransomware attacks continued to rise. Ransomware has become a highly effective method for hackers around the world to hold businesses hostage and receive a large payday. Despite broad awareness of the issue due to increased media coverage, there are still several key aspects of ransomware that many organizations don’t understand. An article from Risk & Insurance surveyed cybersecurity experts to highlight five aspects of ransomware organizations need to know.
- Ransomware attacks are only getting worse: 93% of experts surveyed agree that the frequency of attacks is on the rise, along with the payments made to mitigate harm. The most common reasons given for this trend are the low bar to entry (it’s becoming increasingly easy for attackers to learn the technology needed to complete an attack) and ransomware’s lucrative nature compared to other cybercrimes. Experts report an average ransom of $100,000, a number that doesn’t account for the additional recovery and mitigation costs victims face.
- Hackers rely on an ecosystem of support: While hackers are often perceived as the “lone-wolf type,” most can’t survive without an ecosystem of support, which includes cyber-risk insurance underwriters, forensic experts, breach lawyers and bitcoin brokers. This network of remediation services and consultants facilitates dealing with, and making payments to, ransomware attackers. Because of this, many businesses may see ransomware as just an additional line on their expense sheet. Cyber criminals understand that the support network exists and see it as a way to streamline their own operations.
- Ransomware is a business: 71% of experts say that less than 5% of ransomware cases end with a perpetrator not handing over a decryption key after a payment has been received. While it may seem like the victim loses leverage after handing over a payment, it is in the best interest of the hacker to comply. The reason is reputation: breach remediation service providers deal with the same groups of ransomware attackers on a daily basis, and they know from prior experience which ones are reliable and keep their promises. Word of mouth matters. An attacker who fails to comply after being paid, and is found to have broken promises made in a prior ransomware attack, may lose future ransomware revenue.
- Cyber risk insurance is imperative: Alongside IT safeguards and procedures put in place, every protection strategy should include having cyber risk insurance coverage. Cyber coverage provides a policyholder that has been attacked with immediate access to needed experts, which helps mitigate risk.
- Ransomware should be treated like the flu: To prevent ransomware, organizations should focus on two important areas of protection: securing Remote Desktop Protocol (RDP) ports and proper phishing training. The most common ways hackers exploit RDP users are weak passwords and exploits in outdated software. 50% of experts say that phishing campaigns are the biggest threat to current cyber security tools. Preventive phishing training, much like immunizations for the flu, is highly recommended to help avoid ransomware attacks. While nothing is certain, proper precautions in these key areas can help decrease risk factors.
By being aware of these five known ransomware facts, you can decrease the risk of your business being affected by a ransomware attack. Talk to a trusted advisor to help better understand how these key points can protect your organization.