The Rise of Ransomware in Times of COVID-19
Ransomware attacks are on the rise, and attackers are getting bolder and bolder. Software AG, an enterprise and IoT platform provider, received two hits in October, demanding a whopping $20 million ransom to de-encrypt the data. When the company refused, the hackers released screenshots of highly sensitive employee data, including financial documents, passports, ID scans, and emails.
A more high-profile attack stirred the legal industry in May when theREvil ransomware gang targeted New York law firm GSMS, whose clients include celebrities such as Lady Gaga and Madonna. The gang threatened to leak important documents and contracts if the firm didn't pay $42 million.
Of course, cyber threats and attacks are nothing new. In 2019, the cost of ransomware attacks reached a staggering $7.5 billion, and that number is expected to rise in the coming years. As security systems become more sophisticated, so are the methods of ransomware gangs. In fact, their tactics are evolving, allowing them to attack powerful, multi-national firms in an attempt to extort exponential sums.
There is a strong possibility that the huge increase in attacks over the course of 2020 could be a consequence of the wider issue the world is facing. And the millions of companies moving to digital at scale due to the pandemic could have opened windows of opportunity for hackers to make more money.
As vile as it may be to capitalize on crises, it is a fact that companies and individuals have become more vulnerable to cybercrime. And corporations and intelligence communities must gear up and set up more advanced defenses to stay resilient.
The risks of not giving in
The phrase "we don't negotiate with terrorists" is perhaps the mainstream and noble way to respond to ransomware. But corporations must first understand the risks that come with refusing. Often times, attackers would employ damaging tactics to force victims to give in. This could range from sensitive data leaks, such as the case of Software AG and GSMS, to a hefty GDPR fine. These leaks could not only disrupt your operations and bottom line, but they could also expose your employees and clients to future attacks, not to mention the irreparable damage to your reputation.
Unfortunately, once a company has been attacked, giving in to the hackers' demands is often the only choice they have. There have been cases where ransomware gangs double the ransom or leak sensitive data if they find out the company has employed data recovery experts. When faced with a situation, almost every move could do damage. Not paying the ransom could mean losing money and getting them leaked. Paying the ransom could lead to more costly legal ramifications.
Of course, some companies can contain a breach and have enough funds to deal with the fallout. But for most companies, especially those that have been severely hit by the pandemic, an attack could mean the end of the road.
Preventing future attacks
Not taking cybersecurity seriously in 2021 could mean gambling your company's survival. What is certain is that ransomware attacks are becoming more disruptive and damaging. But only because there are more easy targets. Most companies were understandably unprepared for a mass shift to remote work and e-commerce. Digital migrations that used to be meticulously planned and gradually executed had to be expedited in a couple of months.
Mitigating cybersecurity risks should be a key priority for businesses of any size. And the first step to avoid an attack is to acknowledge just how severe the effects of cyber-extortion will be. Many small businesses hit with ransomware had to permanently shut down because they couldn't recover their systems, even after paying the ransom.
Regardless of your operations' scale, it is crucial to invest in sophisticated, cutting-edge security systems. For instance, businesses should still deploy a Fortinet NGFW(Next-generation Firewall) or UTMappliances despite the widespread use of SSL and certificate pinning. These systems can be hosted in the cloud and add an extra layer of protection against internal and external threats.
Cybersecurity must continually evolve. And the responsibility should not only fall on the shoulders of IT professionals and third-party providers. Creating a cybersecurity culture should be a collaboration between executives and their employees. More often than not, employee habits, such as using weak passwords and doing work using public networks, can leave a company vulnerable to external threats.
Cyber insurance could also offer some protection level, especially for firms that handle vast amounts of consumer data. But a more long-term solution would be better public-private sector cooperation, improved standards and oversight, more guidance for smaller businesses, and increased pressure on manufacturers to build more robust security products.