In this hyper-digital world, everyone is connected to everyone. This hyper-connectivity rewards brilliant advantages but entails a fair share of problems which can be devastating in effect. One of these problems is ransomware attacks. The entire corporate landscape around the world is required to secure their servers and websites where information floats into their networks. Ransomware attacks are maneuvered at large targeted towards crippling an organization’s system. They are more aimed to attack corporations than mere individuals.
Ransomware is meant to clutch data on a computer, enabling an encryption that bars any access. The hackers demand ransom in exchange for access to your data. However, one can never be able to gauge whether these hackers would live up to their word of decrypting your data and granting you access once you pay the ransom. For corporate giants, the magnitude of ransomware attacks can be disastrous.
A common way ransomware attacks occur is through phishing spam. These are attachments sent via emails, masqueraded as files anyone can blindly trust. Once opened and downloaded, they can seep through a system and easily take over. Ransomware is often socially engineered to trick users into allowing administrative access to their systems. Once access is allowed, the data can only be decrypted through a numerical key which the originator or the hacker knows. The hackers sometimes demand payment in Bitcoin to reveal the key.
Why is Bitcoin such a popular ransom request? Bank transfers, credit card, and cash payments can easily be traced. Such ways can always be difficult to carry out. In fact, they have no encryption and can easily lead to the origin of the attack. Ransomware attacks largely benefited from the revolutionary technology of cryptocurrency and end-to-end encryption of a blockchain protocol.
In recent times, ransomware attacks have taken a toll, globally. Zohar Pinhasi, a cybersecurity expert, ethical hacker, former Israeli Military official and ransomware removal, and recovery expert has over 25 years of industry experience and for him, dealing with ransomware has been an everyday practice. The CEO of MonsterCloud cites his opinion on the dangers of ransomware attacks. He says: Ransomware today is a global problem that affects every person on planet Earth. No matter who you are, no matter what kind of business or government you are, you can be affected. It’s beyond insane.”
Ransomware attacks are more common than ever and according to Systweak, the United States is a primary target for ransomware attacks. In fact, during the first quarter of the year 2016, a single business was vulnerable to an attack every 120 seconds Later in the third of the same year, one single business was vulnerable to a ransomware attack every 40 seconds!
Subsequently, no industry is immune in this case. The top targets of ransomware attacks are entertainment, media, education, IT, healthcare and corporate industries. In most cases, business often evaluates a ransomware attack before deciding on a course of action. Most corporations do not surrender to attack and pay the ransom, as a principle. However, certain businesses, government agencies, and health institutions are compelled to take the immediate action of paying ransom because the data seized in the attack is too important and sensitive or required in urgency. Some business operations are completely reliant on the seized data which leaves them no choice but to pay off the ransom. While there are also law firms, agencies and businesses that do not want to expose the vulnerability of their systems and networks, often to avoid causing panic among customers and clients, since names, numbers, addresses, credit card numbers, geo-locations are some of the data seized in an attack. It only makes them tempting targets.
To gauge how dangerous ransomware attacks are and to what extent they can cause damage, take an example of WannaCry. The NHS in England suffered the outbreak of WannaCry ransomware attack. According to The Guardian, the attack targeted around 80 NHS organizations. It resulted in the cancellation of around 20,000 appointments. It stopped over 600 GP surgeries and also five hospitals were forced to divert ambulances, failing to handle cases of emergencies.
The WannaCry outbreak was a lesson for all. But it did not stop there. A bigger nuisance was hovering above and this time, shipping giant Maersk was the target. Notpetya ransomware attack took over the entire computer network of Maersk. The shipping company resorted to replacing an abundant number of computers and servers in the aftermath of the attack. The chairman spoke during the World Economic Forum (video below) and claimed that Maersk had to replace 4,000 servers, replace 45,000 computer systems and install 2,500 apps. The company handles 20 percent of the world trade and the accumulating loss due to the Notpetya ransomware attack was around $300 million. The attack resulted in the total shutdown of their network and it took long before the network was up and running.
Notpetya became a global problem after it infected Ukraine and almost destabilized almost all of the country’s systems. The single cyber-attack was appallingly huge in its magnitude and called for the attention of global superpowers like the United States and the United Kingdom. The US and UK publicly declared that Russia was behind Notpetya. It was part of Kremlin’s effort to cripple the entire network system in Ukraine as part of the ongoing political tensions between the two countries.
The shocking cases are examples of what cybercriminals are gearing towards. Ransomware has become a global nuisance and so far, it is only getting worse. It can only be debated what is next for this particular cyber attack and how soon the world meets another global outbreak of a ransomware.
For businesses, corporations and government agencies, it is highly advisable to incorporate proper security systems having end-to-end encryption of their servers and networks. Data has become the most valuable commodity now. Hosting servers are required to be checked for their reliability and risks. In addition, plugins, add-ons, applications needed to be integrated in order to keep notorious cyber attacks at an arm’s length. A simple attack can seize data and put a corporation years behind with their system.
On the other hand, ransomware removal processes should be largely engaged if a system or network is under attack. Many cybersecurity expert companies specialize in the removal and recovery of systems from ransomware attacks since it has become a common problem that many businesses, especially in the United States are prone to have. However, for some attacks like the Petya and Notpetya, there is little hope if corporations have options to deal with other than settling for their demands. Long before one can predict, there might be another dangerous ransomware attack in near sight.