Ransomware, a form of malware that allows a malicious entity to hold personal or corporate data “hostage” in exchange for a ransom, can pose a serious threat to individuals and businesses alike. While some sources claim that ransomware attacks have become the greatest threat to online security, others provide a more nuanced perspective on this form of malware. Here, the malware experts at Atlantic Data Forensics analyze the trends and provide insight into the risks that ransomware attacks pose for businesses.
The Basics of a Ransomware Attack
Ransomware attacks, which normally occur via email, are broken down into two categories: locker ransomware and crypto ransomware. Locker ransomware encrypts the entire hard drive of a computer, preventing the user from accessing anything on the device. Crypto ransomware only encrypts specific files of maximum importance, such as word documents, PDFs and image files. Once the data has been encrypted, the entity who sent the ransomware demands that the user pay a fee to reclaim the data or risk losing the data forever. Should the user refuse to make the payment, the ransomware will automatically corrupt or delete the files or data, making it difficult for the user to find an alternative solution.
The Increase in Ransomware Attacks
As shown by Verizon’s 2018 Data Breach Investigations Report, ransomware was the most prevalent variety of malware used in 2017—approximately 39% of all malware attacks analyzed by Verizon in 2017 used some form of ransomware. Ransomware is also the form of malware that has increased most rapidly in use: according to MalwareBytes, ransomware attacks increased by 90% in 2017 from 2016. These increases may be explained by the fact that ransomware is relatively easy to deploy, making the barrier to entry for amateur hackers low.
The Evolution of Ransomware Attacks
These statistics do not provide a full view of the state of ransomware, however—ransomware has evolved, and continues to evolve, in scope, form, and use. According to F-Secure’s 2018 Report, The Changing State of Ransomware, ransomware attacks actually decreased in the latter half of 2017, and the development of new ransomware families decreased as well. They theorize that dramatic fluctuations in cryptocurrency values—the form of currency most often demanded in ransomware attacks—have enticed hackers to mine or create cryptocurrency, instead of demanding it from other entities through ransomware attacks. F-Secure also found that attacks decreased in number because hackers are more focused on quality targets that are able to provide a larger ransom, as opposed to a large quantity of smaller targets.
Best Practices for Businesses to Protect Their Data from Ransomware Attacks
Ultimately, while ransomware attacks may be evolving and decreasing slightly in prominence, they are no less dangerous to large corporations and businesses. As such, these entities must have security measures in place in order to prevent ransomware attacks. Some of the best practices for preventing ransomware attacks include:
- regularly backing up critical data,
- regularly updating operating systems and software,
- deleting suspicious emails that include attachments, especially those with attachments that ask you to enable macros to view the content, and
- consulting a computer forensics company, such as Atlantic Data Forensics.
Atlantic Data Forensics has years of experience helping businesses implement strategies to prevent ransomware and other malware attacks from occurring. And, should a ransomware attack occur, Atlantic Data Forensics has the knowledge and skills necessary to quickly and discreetly handle the situation in an effective manner. To learn more about the services Atlantic Data Forensics can provide your business, contact them today.