The first half of 2021 has seen a dramatic increase in ransomware attacks across the globe. What is ransomware and why does your business need to protect against it?
Cybercrime has been rampant since the beginning of the pandemic with hackers exploiting the shift to homeworking. According to a mid-year report from cybersecurity specialist Check Point, cyberattacks increased by 29% in the first half of the year. However, there is one cybercrime in particular which has seen a startling rise of 93% between January and June 2021: ransomware.
Ransomware is malware usually sent to individuals via a link in an email. By clicking on the link, the victim inadvertently enables the malware to encrypt computer files so that they are inaccessible unless a ransom is paid to unlock the data.
Ransomware has been with us for a while. The first documented case occurred in the 1980s, but this form of cybercrime didn’t become widespread until the early 21st century. Now it has become a powerful tool for global criminal enterprises, hence its explosive growth.
Ransomware attacks are becoming increasingly sophisticated. 2020 saw the rise of the double extortion technique. This meant that hackers not only demanded a ransom to unlock data but also leaked information online, or sold it to the highest bidder, if the victim failed to pay up.
The dramatic rise in cases in 2021 has been driven by a new development known as the triple extortion technique. This involves criminals demanding ransom payments from third parties related to the initial attack such as customers, vendors or business partners.
In addition to new techniques, ransom payments are rising rapidly. One expert reported an average ransom payment in 2020 of $310,000, representing an increase of 171%, but the most audacious demands are much higher.
Colonial Pipeline, a privately-owned oil distribution company in the US, paid a $5million ransom in an attack earlier this year and the notorious Russian hacker group, REvil, recently demanded $70million from global IT infrastructure provider, Kaseya.
The highest number of cyberattacks weekly occurred here in the Asia Pacific region, a concerning statistic even if the percentage increase of 13% in Asia is low compared to Europe Middle East and Africa (36%) and the Americas (24%).
What is clear is that all companies (and individuals) need to be on the alert for this kind of attack, particularly regarding supply chains, which have been targeted this year. The hackers are getting more organised, better equipped and increasingly brazen to achieve maximum disruption and receive higher ransoms. When ransoms are paid, this empowers the criminals by funding the acquisition of superior equipment and rendering their operations slicker.
Even though governments and law enforcement agencies are investing millions to improve cybersecurity and combat crime, experts are predicting that incidents of ransomware, and the ransoms demanded, will continue to rise, with triple extortion becoming increasingly prevalent.
Organisations need to be aware of the risks and put appropriate systems in place to prevent attacks with minimum disruption to their business activities. It’s a mammoth task. In addition, companies need to develop strategies to protect against collateral damage to their partners and customers.
As individuals, we can all play our part too with heightened vigilance and better practices.
Individuals can find information from the US government about protecting against ransomware attacks here, and there is useful advice for businesses here.
Remember, it is always better to be safe than sorry. If you have any suspicions about a link or attachment in an email, don’t click on it! Stay safe out there.
Chartered FCSI
I have over 20 years of experience in the financial services industry and hold a Chartered FCSI qualification. I ensure that our operations are fully compliant with the rules of our most stringent regulators.
