Ransomware Explained

By: Mark Hurley

A successful ransomware attack can be devastating to a business. Organizations caught unprepared could be left with the choice between paying a ransom demand and writing off the stolen data entirely.

In our day-to-day cybersecurity practice, we perform a lot of assessments with new and potential clients. Among this wide variety of professional companies, we find very differing understanding of the threat that ransomware poses to their businesses.

There are the unknowledgeable optimists who believe it will never happen to them. Clearly this is not a recommended stance.

There are also the informed optimists who believe they have all angles of protection covered. This may or may not be the case. Assumptions can be dangerous.

Finally, there are the affected pessimists. They have suffered from a ransomware attack, and it may be too late. We receive calls from complete strangers asking how they deal with a ransomware hit. We always ask whether they have a backup and if they carry cyber liability insurance. The silence at the end of the phone can be deafening.

No matter which camp you belong to, it’s important to become informed, implement preventative measures and plan for the worst outcomes, so your business can continue to thrive after such an attack.

In this article, we provide key information and some of the measures required to both prepare and recover if your business is affected by a ransomware attack.

What’s ransomware?

Ransomware is a multibillion-dollar criminal enterprise executed by cyber criminals to disrupt access to your systems, business, and personal information. It is a form of malware that encrypts a victim's files. The attacker then demands a ransom from the victim to restore access to the data upon payment.

Once your files are infected, the attackers then demand a ransom (normally in Bitcoin) to liberate access to your data and critical business systems. Ransomware activity is on the rise at an exponential rate. Research suggests that in 2020 a new organization was hit by a ransomware attack every 14 seconds and that ransomware incidence increased 50 percent in Q3 2020 alone.

Adding insult to injury, the cyber criminals are leveraging the Covid crisis to target vulnerable remote workers and infect vulnerable organizations. Cybersecurity Ventures predicts that ransomware damage will exceed $20 billion by 2021.

Ransomware attacks are so effective because they takes many guises. You must be aware of all of them to effectively protect your data and your entire network.

Case Study: The NHS

A famous example of ransomware is the WannaCry attack of May 2017. This was a piece of malware that infected over 230,000 computers across 150 companies within a single day. It encrypted all files it found on a device. Following that, users must pay $300 worth of Bitcoin payments to restore them.

WannaCry mainly affected large organizations, and the National Health Service in the UK was one of highest-profile targets affected. Surprisingly, the attack’s impact was lower than it would have been, due to the fact it was stopped quickly, and it did not target extremely critical infrastructure, like railways or nuclear power plants.


Latest Updates

Subscribe to our YouTube Channel