On average, every ten seconds a business executive pays a ransom of over $ 230,000 to avoid losing sensitive company data. For the global economy, the total cost of ransomware – cyber attacks through which hackers encrypt files stored on the network until the required sum is paid – was $ 20 billion in 2020 alone: 75% more than in the past. ‘last year.
Ransoms are growing
A surge caused, as reported in the Cybersecurity Report di Check Point, not only by the growing number of attacks (which quadrupled compared to five years ago), but also by the size of the average ransom requested, which rose by 30% only in the second half of 2020. But these are the average values: in some cases , the victim is come to pay even 34 million dollars in bitcoin to be able to access his files again.
Overall, the millionaire extortion is not sporadic: K-Electric, the main energy company in Pakistan, paid a ransom of 4.5 million dollars, equal to that paid by the US travel agency giant CWT. Among the companies that only in 2020 fell victim to ransomware we find also the Italian Campari (targeted by Ragnar Locker, one of the most feared hacker collectives), the famous video game company Capcom, data center giant Equinix, US military supplier Westech and even football clubs like Manchester United.
Seven out of ten fail
According to a survey of 600 business executives, over the years 70% of them have paid at least one ransom as a result of ransomware attacks. A situation made even more serious by the recent spread of the so-called “double extortion”. This new technique, as always stated in the Check Point security report, provides that “the group infiltrates without being seen in the target’s network and steals large amounts of sensitive data; once they get the data, they can then deploy the ransomware and encrypt the files. At that point, the attackers add to the ransomware the threat of publicly disclosing the stolen data, unless the ransom is paid in due time.
Those who are not willing to pay to regain control of their files could still succumb to the threat of public disclosure of the stolen data, with the consequent obligation to communicate the violation to all interested parties: customers, business partners and institutions. So how to defend yourself from ransomware and avoid falling victim to cyber pirates? “In most cases”, the report reads, “the ransomware is not inserted directly into the network, but is preceded by an initial Trojan implanted by the same group of hackers. IT teams must therefore always be vigilant and ready to notice any signs that may indicate the presence of a Trojan within their networks; to prevent this infection, it is crucial to always keep the antivirus used up to date ”.
Beware of remote work
Another form of attack exploits the vulnerabilities of Remote Desk Protocol, which allow remote connection from one computer to another. In this case, hackers can break into company computers after obtaining the credentials (through phishing or by exploiting a brute force attack). Once logged in, getting the ransomware into the network is child’s play. To protect yourself, it is essential to discover internal vulnerabilities in the protocol, updating it to the latest version, having strong passwords and using two-factor authentication.
In addition to this, there are specific solutions that constantly monitor the network for behaviors that indicate an impending ransomware attack, for example by identifying if a file has been illegitimately encrypted and preventing the spread of the infection by quarantining all other data. . And so, will we not find ourselves grappling with the devil’s alternative: paying hackers, knowing that we will do nothing but incentivize future attacks, or resist, with the risk of losing all our documents forever?