Cybersecurity experts estimate that there is a ransomware attack every 11 seconds. This makes it a challenge to individuals, businesses and even governments.
In ransomware attacks, cybercriminals encrypt a victim’s network or data, making it inaccessible until a ransom is paid. Despite organizations’ efforts to reduce the attacks, cybercriminals also are advancing their attack methods. For instance, an organization may have backups they can use to restore their systems, but the criminals also demand ransom not to publish the sensitive company information they have in their possession.
Ransomware is not a new cybersecurity threat. It is traced back to 1989 when the first ransomware was released through floppy disks and required a victim to send money to a post office box in Panama. As technology now has advanced to allow for always-on connectivity, the prevalence of ransomwares has grown tremendously. The use of bitcoin and other cryptocurrencies as payment make it more complicated as they are difficult to trace. These attacks such as the WannaCry, CryptoLocker, etc. have resulted in billions in losses through infrastructure and business outages and millions of dollars being paid to the attackers.
Ransomware has grown so much that organized gangs are offering cybercriminals services for hire. This is made more intricate by the availability of ransomware-as-a-service (RaaS) to provide infrastructure to other cybercriminals to escalate their attacks.
Ransomware has become such a global threat that in a joint advisory made up of CISA, FBI, NSA and International Partners, has called for every government, business and individual to be aware of this threat and take necessary action to avoid becoming victims.
President Joe Biden also continuously issues warnings to business leaders to strengthen their companies’ cyber defenses. The risks of cybersecurity are expected to increase with the ongoing invasion of Ukraine by Russia.
On the other hand, there are efforts to reduce the threat scale by various groups. One such group is the Cyber Threat Intelligence League (CTI-League), made up of cybersecurity experts from different countries. They have helped take down malicious websites, detect vulnerabilities, collect and analyze different phishing messages, and assist law enforcement organizations in creating safer cyberspace.
Protecting Against Ransomware
Before a ransomware attack is fulfilled, there are detectable activities that can aid in mitigating an attack. In any case, the attackers target specific user behavior, unchanged default security configurations and common technology vulnerability. This means that ransomware attacks can be avoided. Some ways to keep safe from ransomware include:
The CISA, FBI, NSA and International Partners joint advisory discourages paying ransom to cybercriminals and recommends following the CISA ransom response checklist, and reporting to cybersecurity authorities such as the FBI, CISA or the U.S. Secret Service. System administrators should also follow incident response best practices that can aid in handling malicious activity.
These articles are intended to provide general resources for the tax and accounting needs of small businesses and individuals. Service2Client LLC is the author, but is not engaged in rendering specific legal, accounting, financial or professional advice. Service2Client LLC makes no representation that the recommendations of Service2Client LLC will achieve any result. The NSAD has not reviewed any of the Service2Client LLC content. Readers are encouraged to contact a professional regarding the topics in these articles. The images linked to these articles are protected by copyright and should not be copied for any reason.