Stop Ignoring Ransomeware Attacks That Are Now More Real Than Credit Card Theft
JAKARTA - Cyber crime can no longer be ignored. In fact, nowadays we have to be more careful about attacks. Ransomware, for example. Due to their vulnerability, ransomware attacks are more common for the first time than credit card theft.
According to the Cybersecurity company Infrascale report, there have been more than one trillion security incidents over the past year. Meanwhile, hundreds of breach investigations have found ransomware attacks to be the most common cyber crime incidents.
Ransomware attacks were more common than previously thought in the small and medium enterprise (SME) community, with 46 percent of SMEs reporting being victims of data-crippling malware. Approximately 73 percent of those targeted actually paid the ransom.
Based on a survey of more than five hundred C-level executives, they found that business-to-business (B2B) organizations are more vulnerable to ransomware attacks than business-to-consumer (B2C) entities. Representatives of 55 percent of B2B said they were infected with ransomware.
According to McAfee Labs, in August 2019, there was a 118 percent increase in ransomware attacks in the first quarter of 2019, during which a small organization found that their database had been taken over by a network encrypting malware. Furthermore, the perpetrators will blackmail the victims into giving them a sum of money to regain access to their data.
The number of ransomware attacks quadrupled compared to the previous year. This means that currently these attacks occur more frequently than theft of credit cards and personal data. One of the reasons why ransomware attacks have increased so much is because cybercriminals are increasingly seeing it as the simplest and fastest way to make money from a network that is easy to hack.
With ransomware, attackers can lock down entire networks of large organizations and companies and ask for bitcoin payments in exchange for their data back.
Of course, ransomware attacks are often successful because victims choose to pay the ransom demand. Victims see the ransom as the quickest and easiest way to recover their data, although authorities warn against granting extortionists' requests.
These ransomware demands typically run to a six-digit count. And because transfers are done in bitcoin, it's relatively easy for criminals to launder bitcoin money without being traced.
"It is surprising that during the time when the world has to unite in the fight against COVID-19, criminals are preying on unsuspecting people and organizations," said Infrascale CEO Russel P. Reeder, in a statement quoted by Tech Republic.
"And, in most cases, these bad actors really do benefit. With the right strategy of employing preventive measures like internet security and education, and protective measures like data backup and disaster recovery, you don't have to pay for ransomware. "he added.
As a crime
Stealing personal data and credit card data is also a potentially profitable route for cyber criminals. However, this arguably involves a lot more work than installing ransomware and demanding a ransom.
Attackers need to make their way onto the network using malware, keep the malware on the network uncovered and then squeeze the information undetected.
All of this requires processing, so criminals will need to take extra time and effort to make money off of the stolen data. This could be using stolen bank details to commit the fraud yourself or it could be selling the stolen information to other users on underground forums.
However, like the proliferation of stolen credit card information on the dark web, it can be difficult to make large sums of money from selling stolen details, so a lot of work can go into what may not be the grand prize.
So, while ransomware can net attackers hundreds of thousands of dollars in one go, it's easy to see why the malware is such an attractive prospect for cybercriminals.
Ransomware attacks have many ways, one of which relies on users clicking on phishing links or downloading malicious files. However, ransomware can exploit people who are always surfing the internet to infiltrate and spread throughout their network without user involvement.
WannaCry Ransomware is perhaps the most famous example of this. Since then, cybercriminals have exploited the vulnerability to crawl around the network and infect everything needed before pulling a trigger on a ransomware request. All things, of course, without the involvement of the victim.
However, despite the potential damage that ransomware can do, it is necessary to double security so that ransomware and other malware cannot exploit known vulnerabilities. Multi-factor authentication must also be implemented across the network, so if an attack does attempt to force a login, there is an additional barrier to stopping it.