Since the start of the pandemic, ransomware attacks have been on the rise. Here are three reasons why they're rising and what companies can do to protect themselves.
The ongoing COVID-19 pandemic has presented businesses with a myriad of new challenges. While economic pressure and health concerns have taken the spotlight, other, less obvious, threats have grown in the background. On top of these financial and medical issues, ransomware attacks have been rising.
Ransomware, which encrypts a company's data and holds it for ransom, was a threat long before the pandemic. Though it may not be new, it is increasing. New ransomware samples have grown by 72% over the first half of 2020.
The unique challenges of pandemic life have made businesses more susceptible to ransomware than ever. Here's a closer look at why these attacks are rising and what companies can do about it.
The vast majority of ransomware attacks rely on social engineering, or tricking users into doing something. Most of the time, this takes the form of phishing emails that infiltrate the user's system when someone takes action like clicking a link. Pandemic-related confusion makes people more likely to fall for these schemes.
When employees are already dealing with changes, they may be less skeptical of an unusual email. Users may also find it challenging to focus amid these shifts, so they may not recognize telltale signs of phishing they would otherwise notice. Cybercriminals are aware of these human vulnerabilities and have moved to exploit them.
Earlier this year, a popular ransomware trend involved using COVID-themed messages to trick users. People desperate to learn more about the virus were more likely to interact with these to find more information. While the efficacy of these schemes is dwindling, they led to a sharp uptick in ransomware early in the pandemic.
The human element isn't the only factor contributing to this rise in ransomware attacks. As more employees start to work from home, new vulnerabilities emerge. Employees' home networks likely don't have the same protections as the office's, making them more susceptible to cyber attacks.
In fact, there has been a 400% increase in cyber attacks reported to the FBI since the pandemic started. Many of these likely arose from the transition to remote work as well as the aforementioned COVID-themed schemes, as businesses struggle to secure their newly widened perimeter. Companies must now deal with a unique set of challenges in endpoint security.
Employees' personal devices and networks may not be able to support enterprise-level cybersecurity measures. Even if they can, issuing updates or changes is more challenging, since everything is now on a separate network. These technological difficulties have presented an opportunity for cybercriminals.
The frequency of attacks isn't the only part of ransomware that's changing. As the pandemic has made some targets more valuable or vulnerable, ransomware trends are shifting in response. For example, attacks targeting SEC registrants are rising, according to the Office of Compliance Inspections and Examinations.
Many companies are facing financial uncertainty amid the pandemic. As a result, they may be more likely to consult investment advisers, making these registrants a tempting target for cybercriminals. As businesses like these become more crucial, criminals have more to gain from ransomware targeting them.
Another rising ransomware trend is the growth of data exfiltration, where hackers transfer data to another computer or server. Thanks to groups like Netwalker, these attacks are becoming much more frequent across all industries.
Ransomware attacks are also becoming more targeted. Cybercriminals are moving away from an opportunistic approach in favor of more thought-out attacks on specific targets.
Cybersecurity best practices have remained mostly unchanged, but are now more critical than before. In the face of rising ransomware, businesses need to emphasize proper security measures for their employees. This is where security awareness training comes in handy. Having a training program in place will keep security top-of-mind for employees and will help them recognize and avoid phishing and social engineering attacks that can lead to ransomware.
Businesses should also encourage employees to use strong, unique passwords for all accounts. Providing tools like password managers or anti-malware programs to help remote workers in this endeavor may be necessary. Creating offline backups of sensitive or mission-critical data is also essential in mitigating ransomware.
Different businesses will have varying security needs, so companies may need to scan for vulnerabilities or run penetration tests to identify them. Another key thing to have in case of a ransomware attack is cyber insurance. With comprehensive cyber insurance coverage, companies will have a safety net in place and share the financial burden with their insurance provider in the event of an attack. Just as in other areas, companies need to be flexible in their cybersecurity now. Ransomware trends are always evolving, so businesses need to remain vigilant to respond.
Ransomware is not a new threat, but the pandemic has given it new urgency. Now more than ever, businesses need to consider how they can protect themselves against these attacks. Companies likely have more technological and human variables than before, and they need to address them.
The dangers of ransomware won't go away with the pandemic, either. By taking the opportunity to increase security now, business leaders can defend against ransomware attacks in the future. Cybercrime may be on the rise, but it could encourage more people to create a secure digital landscape.
Devin is the editor-in-chief of ReHack.com.