The Growing Menace of Ransomware
Ransomware attacks are on the rise. Don’t let yourself become a victim.
For anyone with a passing awareness of IT trends, ransomware is the hot topic of the day. From the Colonial Pipeline attack to the JBS Holdings attack, ransomware attacks are becoming more brazen, more destructive and more frequent. According to recent data, this cybercrime is expected to grow by a staggering 15 percent per year, until it reaches 10.5 trillion dollars in 2025.[1] For comparison’s sake, the entire GDP of the United States in 2019 was 21.43 trillion dollars.[2]
Of course, independent title insurance agencies are much smaller than a gigantic oil pipeline system or food processing company. But that doesn’t mean they are immune from being targeted by bad actors or that they will stay under the radar of cybercriminals by default. Smaller companies are also at risk and need to take steps to protect themselves and their operations from ransomware.
Here is what you need to know about this particularly destructive cybercrime.
What is Ransomware?
Ransomware is a type of malware. True to its name, it blocks access to systems, devices, files or data until a ransom is paid. It’s important to note, however, that there are many different variations of ransomware. There is crypto ransomware, where malware encrypts a system’s files; wiper ransomware, where it threatens to erase files; or locker ransomware, where it blocks access to a system entirely. Ransomware also often includes communication from the criminal, a demand for financial payment – typically in the form of Bitcoin.
How Do Ransomware Attacks Occur?
Ransomware is delivered in a variety of ways. Some of its delivery mechanisms can include malicious attachments or links sent in an email; a network intrusion; being dropped by another malware infection; or by being wormable, where it spreads laterally via flash drives or Windows shortcut (LNK) files.
Why Be Aware of Ransomware?
Ransomware is a chronic and escalating problem. Not only do attacks appear to be happening more frequently, but their impact is also growing. In 2019, for instance, ransomware tore through 750 government computers in Texas. Earlier in 2021, the Colonial Pipeline got shaken down for nearly $5 million in ransom. Also this year, the computer giant Acer was attacked, with the threat of actors demanding a $50 million payment – the largest known ransom to date.
The ransoms that follow these types of attacks are not the only losses these companies experience. Ransomware also results in significant downtime for a company, which can cause havoc for an organization’s bottom line, not to mention their brand and reputation.
How Do You Protect Yourself?
As with many cyber initiatives, developing an effective and robust defense against ransomware requires an all-hands-on-deck approach and strong organizational buy-in. It is imperative for companies to develop, implement and enforce cybersecurity policies across all departments. Such policies should include guidance and training for how to spot malicious emails and report suspicious activity. In addition, businesses can change default passwords at network access points, routinely apply software patches to keep systems current and segment networks to make it harder for a criminal to roam across your entire digital ecosystem.
Now is the Time for Action
With the prevalence of breaches and cyber-attacks, conducting business online can feel like the Wild West: you just never know what is going to happen. But there is truth in the adage that the best defense is a good offense.
With ransomware attacks growing in both size and scope, now is the time to take proactive, preventative action to discourage bad actors or make your enterprise more resistant to cybercrime. Nobody can eliminate the prospect of ransomware attacks. But by taking strong action before a problem arises, you will greatly reduce the possibility of being attacked and keep your operations running as smoothly as ever.
[1] The increase in ransomware attacks during the COVID-19 pandemic may lead to a new internet (theconversation.com)
[2] United States of America – Place Explorer – Data Commons
Tags: #becybersmart, cybersecurity, fraud