Ransomware remains a very real threat, and is arguably only getting worse. Attacks are now able to come more frequently, and there are opportunities for even relative amateurs to level an attack against some unfortunate victim. However, this is not to say that there is nothing you can do to keep your business from becoming another cautionary tale.
Ransomware, in review:
First of all, it’s important to understand exactly what ransomware is. A form of malware, ransomware will infect your system and encrypt your data. It gets its name from the fact that the attacker will demand a ransom in order for your data to be decrypted. What’s worse, if you pay, you’re taking the distributor at their word that they will decrypt your data once the money has changed hands.
Understandably, this form of ransomware can be a highly potent weapon against many users, who simply won’t know how to handle the situation beyond paying and hoping for the best. Of course, since the motives behind ransomware are financial, a lot is directed towards business targets, as they not only have more funds available but are also heavily reliant on their data to function.
The nature of ransomware means that those that distribute it can usually name their price for the decryption key. After all, it isn’t as though victims have anywhere else to turn other than the hacker (or so the hackers want them to believe). Due to this, ransoms for encrypted data have shot up–in 2015, the ransom to decrypt an infected computer would cost about $294, on average. That price had jumped to average $1,077 per computer in 2016.
In addition to this increase in ransom demands, there was a 36 percent higher rate of ransomware attempts between 2015 and 2016, 68 percent targeting consumers. This left a still-considerable 32 percent being leveraged towards businesses.
Does it get worse? Sure does.
As if it wasn’t bad enough already, ransomware is now able to be utilized by just about anybody who has a grudge or a desire for some extra cash. Ransomware is now offered as-a-Service, allowing an attack to potentially come from far more sources than before. Some variants of ransomware, such as Karmen, will only cost an aspiring cyber criminal $175 to cash in on.
Thankfully, there are steps being taken to eliminate the threat of ransomware. For instance, there are decryption tools to help undo the damage that Karmen can cause because it was derived from the open-source ransomware project Hidden Tear. Other tools and resources are available to help identify which ransomware has infected a given system, like this one from security researcher Michael Gillespie.
However, there are also steps that you can take to avoid a ransomware infection, like following best security practices and computing mindfully.