{"id":856,"date":"2021-04-27T15:15:00","date_gmt":"2021-04-27T15:15:00","guid":{"rendered":"https:\/\/dev.cryptoloc.au\/?p=856"},"modified":"2023-10-03T06:21:21","modified_gmt":"2023-10-03T06:21:21","slug":"the-rise-of-ransomware-understanding-the-surge-in-cyber-extortion","status":"publish","type":"post","link":"https:\/\/127.0.0.1\/the-rise-of-ransomware-understanding-the-surge-in-cyber-extortion\/","title":{"rendered":"The Rise of Ransomware: Understanding the Surge in Cyber Extortion"},"content":{"rendered":"\n

Ransomware is on the rise, and it\u2019s not slowing down. Cryptoloc founder and chairman Jamie Wilson<\/a> explains the perfect storm of conditions that have combined to allow ransomware to run rampant \u2013 and how organisations can protect themselves.<\/em><\/strong><\/p>\n\n\n\n

For most of the world, the past 12 months have been defined by COVID-19. But for cybersecurity professionals, it\u2019s the rise of ransomware that has set off alarm bells. Of course, these two scourges are not mutually exclusive.
Now, there\u2019s nothing particularly new or novel about the concept of ransomware \u2013 the practice of locking a victim out of their own files and demanding a ransom for their decryption dates back to at least the mid-2000s. What is deeply concerning, however, is how frequent and impactful these cyberattacks have become.<\/p>\n\n\n\n

Ransomware on the rise<\/h3>\n\n\n\n

Ransomware attacks dealt unprecedented damage to organisations in 2020. The FBI reported a 400 per cent increase in cyberattacks after the onset of COVID-19, while a report into the economic impact of cybercrime by McAfee and the Centre for Strategic and International Studies (CSIS) found that company losses due to cyberattacks had reached almost $1 trillion in the United States alone by late 2020.<\/p>\n\n\n\n

Whereas a typical ransomware attack against an individual may once have netted the attacker a few hundred dollars, increasingly savvy cybercriminals now target organisations, extracting hundreds of thousands of dollars from each \u2018successful\u2019 attack and helping to drive small and medium-sized enterprises out of business.<\/p>\n\n\n\n

One attack in 2020 against German IT company Software AG came with a staggering $20 million ransom demand. Another German attack took a terrible toll in September, when a woman in need of urgent medical care died after being re-routed to a hospital further away while Duesseldorf University Hospital dealt with a ransomware attack.<\/p>\n\n\n\n

A report by defence think tank the Royal United Services Institute (RUSI) and cybersecurity company BAE Systems found that the number of groups launching ransomware attacks grew month on month throughout 2020, and that most of these groups are now utilising a tactic known as \u2018double extortion\u2019 \u2013 not only do they force organisations to pay a ransom to operate their systems and unlock their encrypted files, but they also threaten to leak the data, intellectual property and other sensitive information in those files if the ransom isn\u2019t paid.<\/p>\n\n\n\n

Cybercriminal group Maze is thought to have been the first to employ the double extortion tactic in late 2019, and it\u2019s since been used in attacks against major companies like Travelex, CWT and Garmin.<\/p>\n\n\n\n

Consider the impact an attack like this could have on, for instance, a travel agency \u2013 not only could they be locked out of their own booking system, but they could face further consequences if the client details they have on file, including passports and driver\u2019s licenses, are leaked.<\/p>\n\n\n\n

Further complicating matters is the uncertainty about how long a cybercriminal might have been in your system. It\u2019s one thing to back up your files every seven days, for instance, but if they\u2019ve had access to your system for months, that\u2019s redundant \u2013 and makes recovery close to impossible.<\/p>\n\n\n\n

The perfect storm<\/h3>\n\n\n\n

There are any number of factors that have led to the surge in ransomware over the past 12 months, from the increasing ease of its use to the changes in the workplace caused by COVID-19 and the frequency of ransom payments.<\/p>\n\n\n\n

The aforementioned report by RUSI and BAE Systems points to how easy it has become for cybercriminals to acquire and utilise ransomware, exemplified by the rise of ransomware-as-a-service. Even low-skilled cybercriminals can now pay a fee to nefarious operations like REvil for pre-packaged ransomware that they can use. Shady operators can even employ the services of \u2018initial access brokers\u2019, who sell access to pre-compromised corporate networks.<\/p>\n\n\n\n

It\u2019s long been known that ransomware attacks exploit human weaknesses as well as technical vulnerabilities, and the boom in remote working caused by COVID-19 has presented cybercriminals with plenty of both. The FBI attributed the sharp spike in cyber crime in 2020 to ill-secured virtual work environments and a reliance on email and makeshift IT infrastructures.<\/p>\n\n\n\n

It\u2019s a free-for-all that led to a dramatic increase in risk, as businesses caught flat-footed by the pandemic lost track of which devices were being used by their employees, and had no control over the security of their Wi-Fi connections. With employees operating across different networks in multiple locations, using the same devices for work and personal purposes without the benefit of their organisation\u2019s security perimeter, the attack surface for cybercriminals grew exponentially.<\/p>\n\n\n\n

Once an attacker compromises an employee at home, it\u2019s just a matter of waiting for them to connect to the corporate network. From there, they may as well be plugged into a computer inside the office.<\/p>\n\n\n\n

Often, organisations will feel they have no choice but to pay the ransom \u2013 and the more organisations that give in, the more that ransomware is normalised and incentivised. And while taking out a cyber insurance policy might seem like the responsible thing to do, it further encourages payment, turning ransomware into just another standard operating cost.<\/p>\n\n\n\n

It should be noted, too, that the rise of ransomware is inextricably linked to the rise of cryptocurrencies like Bitcoin \u2013 a secure, essentially untraceable method of making and receiving payments favoured by cybercriminals for its anonymity.<\/p>\n\n\n\n

I\u2019ve seen organisations faced with the difficult choice of whether or not to pay the ransom firsthand. While there is momentum behind a push to make ransom payment illegal, it\u2019s entirely understandable that victims would feel they have no choice but to pay up \u2013 especially when sensitive personal data or medical records are at stake, or, as in the case of Duesseldorf University Hospital, a life hangs in the balance.<\/p>\n\n\n\n

Consider, too, initiatives like the General Data Protection Regulation (GDPR), which places the possessors of personally identifiable information at greater risk of substantial fines if that data is leaked, and it\u2019s clear that ransomware is a legal and ethical minefield that can only be successfully navigated by steering well clear of it in the first place.<\/p>\n\n\n\n

An end to ransomware<\/h3>\n\n\n\n

With ransomware posing an increasingly serious threat to all organisations, it\u2019s essential to take precautions \u2013 but not everybody is getting the message.<\/p>\n\n\n\n

McAfee and CSIS surveyed nearly 1,000 organisations late last year and found that only 44 per cent had cyber preparedness and incident response plans in place. Worse yet, just 32 per cent of respondents believed their plan was actually effective.<\/p>\n\n\n\n

The obvious first step, especially in light of the remote working boom, is to ensure timely patching of all your organisation\u2019s software and devices. While this won\u2019t guarantee protection against attack, it will minimise your exposure.<\/p>\n\n\n\n

Education is a key component of this. Organisations need to ensure that all of their employees are aware of the importance of timely patching, and regularly briefed on the latest techniques being utilised by cybercriminals. It\u2019s every organisation\u2019s responsibility to engage their employees with that training \u2013 it may seem time-consuming, but it\u2019s vastly preferable to the alternative.<\/p>\n\n\n\n

Above all else, though, is data. Organisations need to control who has access to their data, and know exactly what they do with it. My company, Cryptoloc, is dedicated to protecting that data \u2013 which is why we\u2019ve developed the world\u2019s safest cybersecurity platform.<\/p>\n\n\n\n

Our patented technology \u2013 developed in collaboration with an elite team of cryptographers, mathematicians, data scientists and software developers \u2013 combines three different encryption algorithms into one unique multilayer process. It can be deployed across a wide range of applications, including file storage, document management and delivery, and counterfeit prevention and detection solutions. Our clients can send fully encrypted documents straight from Microsoft Outlook, and develop and build their own products on our secure digital platform.<\/p>\n\n\n\n

Our ISO-certified technologies ensure that organisations and their employees, contractors, clients and customers can interact securely, with each piece of data assigned its own separate audit trail, and every user and action verified and accounted for.<\/p>\n\n\n\n

Better yet, our \u2018Zero Knowledge\u2019 protocols mean we know nothing about the data our clients store with us. Our escrow encryption key recovery process ensures their data is theirs and theirs alone, and can only be accessed by the people they choose.<\/p>\n\n\n\n

No other platform has ever been able to guarantee the same protection as Cryptoloc \u2013 and in today\u2019s landscape, that\u2019s the level of protection required to prevent attackers from exploiting vulnerabilities and installing ransomware.<\/p>\n\n\n\n

Ransomware will only stop when ransomware is no longer profitable, and that will only happen when organisations stop falling victim to ransomware attacks. They have to have absolute certainty that they control their data \u2013 and in doing so, they can control their future.<\/p>\n\n\n\n

This article first appeared in Cyber Defense Magazine<\/a>. <\/strong><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"

Ransomware is on the rise, and it\u2019s not slowing down. Cryptoloc founder and chairman Jamie Wilson explains the perfect storm of conditions that have combined to allow ransomware to run rampant \u2013 and how organisations can protect themselves. For most of the world, the past 12 months have been defined by COVID-19. But for cybersecurity professionals, it\u2019s […]<\/p>\n","protected":false},"author":3,"featured_media":1092,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/856"}],"collection":[{"href":"https:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/127.0.0.1\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/127.0.0.1\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/127.0.0.1\/wp-json\/wp\/v2\/comments?post=856"}],"version-history":[{"count":1,"href":"https:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/856\/revisions"}],"predecessor-version":[{"id":857,"href":"https:\/\/127.0.0.1\/wp-json\/wp\/v2\/posts\/856\/revisions\/857"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/127.0.0.1\/wp-json\/wp\/v2\/media\/1092"}],"wp:attachment":[{"href":"https:\/\/127.0.0.1\/wp-json\/wp\/v2\/media?parent=856"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/127.0.0.1\/wp-json\/wp\/v2\/categories?post=856"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/127.0.0.1\/wp-json\/wp\/v2\/tags?post=856"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}