Ransomware is blazing its way across the front pages of news sites and the primetime anchor spots on TV, and for good reason; WannaCry has been an attack that has stunned the world with its reach and disruptiveness. Perversely, the WannaCry attack has been welcomed by some professionals in the cybersecurity industry. While the damage is entirely lamentable, it has highlighted the extent of unpreparedness that is common to the digital world. With modern ransomware able to devastate national infrastructure such as the NHS in the United Kingdom, more is clearly required to reach a secure level of operation. With this said, there are details to ransomware that many are entirely unaware of. Being a nuanced and technical subject, we have brought together a list of informative points to bear in mind.
The amount of money made by ransomware is staggering.
Ransomware wouldn’t be as prevalent as it is if there wasn’t a huge amount of money to be made! While there are many forms of viruses and hacks online that exist purely as toys, the most telling indicator of how widespread an attack will be is the potential it has to make profit and ransomware are no exception.
This is partly since a ransomware attack can ‘blanket’ target both large and small industries and companies with ease. While large corporations are just as vulnerable to being caught, it’s also true that small businesses are being hammered every day with demands to pay up to access their suddenly ‘encrypted’ data. Cryptowall 3.0, a salient example of this potential for income, made $325 million in 2015 alone.
Payment doesn’t guarantee the release of your files
To quote author Terry Pratchett, “Criminals don’t obey the law. It’s more or less a requirement for the job.” The same disregard for the very agreement in their ransomware is commonly seen. Many individuals have been the victim of a ransomware attack, suddenly finding that their business-critical files are beyond use and must be paid to be accessed. The problem? They don’t release the files. Many accounts exist across the internet of people who have ponied up the funds as demanded by their local cybercriminals, after which the files remain encrypted. This behaviour of giving in to the criminal’s demands is dangerous; many perpetrators of ransomware attacks make their best money by repeatedly targeting and ‘squeezing’ those who have initially paid in the hopes of restoring access to their files.
Ransomware is easily accessed
The two pillars of ransomware success in recent years are the ease of its access and the simplicity of its use. We’ve explained how ransomware can attack both small and large businesses en masse. With many small businesses woefully underprepared for an attack, often with little to no defence at all, penetration is easy. Second to this is the ease at which an individual can ‘get involved’ in ransomware themselves.
Ransomware can be downloaded easily online in a relatively anonymous manner, particularly if the individual masks their presence with the use of software such as VPN managers. This allows any interested individual access to some of the most damaging and widespread forms of ransomware available. On a more sinister note, however, is the ‘as a service’ approach to distribution. It’s important to remember that cybercriminals are in it for the profit; it isn’t done just for fun!
The SaaS model allows individuals to acquire the most efficient forms of ransomware at no cost, instead directing a portion of their ill-gotten gains back to the producer of the ransomware each time they succeed. This low barrier to entry in terms of both cost and simplicity in using the products themselves is a large factor in the sheer rate of attacks witnessed over recent years, as well as a significant contributing factor in the continued growth of the cyber phenomenon as a whole.
Custodian360 is one of the only truly managed ransomware protection solutions available in the UK, using state of the art real time detection & prevention software backed up by a team of security analysts dedicated to the protection and remediatin of your network.
Get in touch with us today to find out more about us.