AGT Advanced German Technology

Ransomware Attacks An Increasing Threat That is Often Overlooked

The visible devastation wrought by the coronavirus pandemic has been bad enough, but the panic and misinformation that it has triggered has led to a steep rise in cybercrime also. Trojan and phishing campaigns remain the leading avenue through which hackers penetrate the defences of corporate and personal cybersecurity infrastructure. The success rate of these criminal exploits is dependent on how susceptible internet users are to the scam emails, text messages and web browser pop-ups that are the vehicle through which the crime is executed. Threat actors have been able to capitalise on the chaos and hysteria that the pandemic has caused, by exploiting the confusion of remote workers in order to extract company information. Although the prospect of client information and intellectual property theft is a threat that concerns many organisations, far fewer are worried about a ransomware attack – though they ought to be.

Ransomware At A Glance:

Ransomware is similar in premise to a hostage situation, only instead of kidnapping a person it is your digital infrastructure and data that are held hostage. A ransomware attack rolled out via viral encryption software, which uses encryption algorithms to lock companies out of their own systems – affecting their servers, assets, networks and Internet of Things (IoT) devices – and holding them to ransom. The fact that corporate ransomware attacks spread so rapidly through digital channels, encrypting everything in their wake, means that they are a highly effective form of cybercrime. For many companies, a ransomware attack can lead to such devastating financial effects that they are left with no choice other than to pay up or go out of business.

The Many Costs of Ransomware Attacks

The overall cost of a ransomware attack is not merely financial. There are numerous consequences and damages that result from such an attack. The following are a few examples:

 Data Breach:
The most troublesome aspect of ransomware is the rate at which it is able to change and evolve. Software can be altered, updated and enhanced to rapidly and with such ease that it can be difficult to keep up. This makes the task of preparing for a ransomware attack all the more problematic. To make matters worse, it is on the rise. According to TechTarget, ransomware attacks doubled in 2021 and approximately 37% of global organisations said they were victim of some form of ransomware in the last year.

Why is ransomware so debilitating? A successful attack will severely limit the operations of a company’s digital systems until either the ransom is paid, or help is enlisted. If an organisation is prepared for such an attack, they may be able to navigate away from disaster through protocols used to restore systems through backups and eliminate the virus. However, the most dangerous form of ransomware – Maze ransomware – is too sophisticated to be dealt with by such means. Maze ransomware, unlike less advanced forms, erases Windows back-ups, which means that companies have to either pay up fast or risk losing potentially all of their data and assets. Such an extensive data breach can cause financial damages to an organisation in multiple ways.

While backups are usually an effective mechanism to overcome a ransomware attack (due to the ability to wipe systems and restore them using an earlier copy), Maze prevents this from being possible. The inability to restore systems using a backup means potentially all digital assets are in jeopardy, and could be lost with no means of recovery. Although a system lock-out results in a loss of revenue, the financial consequences of losing all of your data, intellectual property and other assets are far more devastating. According to the U.S. Treasury’s Financial Crimes Enforcement Network, in the first six months of 2021 there were $590 million in ransomware-related costs, outpacing the $416 million figure reported for the whole of 2020. Maze ransomware is now leading forward-thinking corporations to adopt physical, offline storage in order to be able to deal with the threat of an attack.

Data Theft:

In June 2021, it was reported a ransomware attack on the Iowa-based Wolf Eye Clinic led to the theft of data belonging to 500,000 patients. Sensitive information, such as names, mailing addresses, dates of birth and Social Security numbers were stolen during the attack. Double extortion is becoming increasingly popular, where the attackers exfiltrate data to a separate location and then demand a second ransom to prevent the data being leaked.

Preparing For A Ransomware Attack
The increase in ransomware attacks appears to directly correlate with the vulnerabilities posed by employees working remotely. The reason for this is the increased reliance on cloud-based computing and lack of IT visibility. These factors have made both companies and employees alike significantly more vulnerable to cyber-attacks, such as ransomware.

Regularly Create Offline Backups

Existing systems and past ones alike are at risk of being compromised by ransomware – using offline backups means that you are able to restore systems following a Maze attack, and ensures that your information is protected.

Digital Forensics:
Implement proactive digital forensics protocols, to regularly review the health of your cybersecurity defences and identify any less detectable threats by combing your assets.

Enlist The Professionals

The implementation of advanced cybersecurity measures, such as data decryption, digital forensics and backup management is a difficult task – near impossible without the assistance of a cybersecurity provider. At AGT, we ensure 360-degree cybersecurity and employ the leading experts in the field to ensure that you are always protected. If you would like to implement a cybersecurity program, designed to prevent attacks, limit damages and utilise an incident response plan, contact us today.