The rapidly developing sophistication of ransomware is causing chaos for many businesses, forcing them to go beyond anti-virus software or off-site backup locations.
Instead, companies are having to come to grips with a ransomware industry that is so evolved, some cyber gangs even provide call centres to help victims understand their demands and pay the price. Despite the soaring number of ransomware attacks, a remarkable number of myths persist about whether the precautions a company can take will keep it safe.
Here are five of the most common ransomware myths, busted with a little expert advice:
Ransomware attacks are a fringe threat
Four years ago, global cybersecurity company Bitdefender declared that “ransomware specifically aimed at companies is now a thing.” In 2021, the company reported a nearly 500% rise in the number of ransomware attacks, which now make up a quarter of all cyber incidents. Cybersecurity Ventures puts the total extracted by ransomware in 2020 at around $20 billion, but warns that by 2031 the global cost of ransomware is estimated to climb to an incredible $265 billion, with an attack every two seconds.
The truth is that ransomware is a growth industry, and businesses of all sizes — not to mention many individuals — are at risk.
Ransomware attacks are random
When ransomware first appeared on the scene, attacks were seemingly random, with victims chosen simply because they clicked a link, were fooled by a phishing attack or had systems that could be compromised. But the ransomware industry is evolving with the emergence of ransomware-as-a-service (RaaS). Under this model, attackers can hire ready-made ransomware and use it as a fundraising tool. For these groups, volume is important, with a large number of attacks carried out at a price point payable by smaller businesses. At the same time, some attackers prefer to focus on high-value payouts from mid to large companies, particularly those known to operate in sensitive industries, as can be seen in the recent attack on the Australian Securities and Investments Commission. The average payout from these targets can be 10 to 15 times that of a smaller company. Companies holding stores of private data are also at risk, with 80% of 2021 attacks including the threat that data will be published if the target doesn’t pay up.
Ransomware attackers only hit big business
Although big targets tend to make the news, the vast majority of businesses affected are small to mid-size enterprises, with an estimated 75% of attacks in 2021 on businesses with fewer than 1000 employees. The reason lies in a lack of IT protection, with many of these businesses choosing to outsource their planning or services elsewhere. For these companies, it is easiest for attackers to compromise the Remote Desktop Protocol (RDP), which allows a computer to be accessed from another device, or to use email phishing techniques to gain access to systems.
Your only option with ransomware is to pay
Whether you should pay the ransom is a contested point, although it is estimated that between a third and a half of infected companies pay something to the criminals holding their data to ransom. That’s a decision the Australian Cyber Security Centre recommends against, warning that paying is no guarantee that you will get your data back. In fact, a 2021 survey by cybersecurity group Sophos of more than 5400 companies found that of those who were attacked and paid up, only 8% recovered all their data, and on average only two-thirds of files were restored. Sometimes this is deliberate, but Coveware warns that some newly developed ransomware has so many bugs that even the criminals don’t know how to decrypt the files. This issue has become so prevalent that the Ransomware Payments Bill 2021 has been proposed; if passed, it will require public and private entities to report any ransomware payments to the Australian Government. Like many things, this is a case of prevention being better than the cure.
There’s nothing you can do to prevent an attack
Cybersecurity tools are evolving at a rate to rival ransomware, meaning that there is plenty a business can do to protect itself against an attack. Educating staff on ransomware and cybersecurity threats, and on what to do if they detect suspicious activity, is a key protective measure. Ensure your business has an up-to-date cybersecurity education module that is regularly incorporated into employee training. This goes hand in hand with investing in tools and systems that ensure early detection: equipping your business with next-generation antivirus and endpoint protection will be critical in preventing an attack. Lastly, an effective disaster and recovery plan, backed by systems that store data securely, means that even if a business comes under attack, you may not be forced to pay, because your data is sitting safely elsewhere, ready to restore.
To learn more about cyber security and assess your business risk, contact your Pitcher Partners specialist.