Ransomware attacks are plaguing organizations throughout the globe, particularly in the U.S., and have become the attack method of choice for hacking organizations. Big names like Colonial Pipeline, meat producer JBS and the city of Gary, Indiana recently made headlines when their operations screeched to a halt after their data and technology fell victim to bad actors believed to be based in Russia. Operations resumed only after millions of dollars in ransom were paid and it is still unclear whether these organizations were able to recover all the data seized by the attackers. More than likely, they were not.
Hashed Out reported that in 2019 cybercriminals successfully launched ransomware attacks against 966 U.S. government, healthcare, and educational entities, combined costing those organizations more than $7 billion.
And it is likely to get much worse before it gets better. So fasten your cyber-seatbelts folks, it is going to get ugly.
top of page
SO, WHAT EXACTLY IS RANSOMWARE?
Ransomware is a type of malicious software that is launched by cybercriminals to extort money from targeted victims. The malware infects the target’s systems, then locks and encrypts its files unless or until a ransom is paid. This prevents anyone from opening those files and accessing data, effectively rendering inoperable all business processes that use that data - and often causing substantial and irreversible data loss. Usually, the companies only have a few hours or a couple of days to pay the ransom before the key to unlock the data is destroyed.
HOW DOES RANSOMWARE WORK?
Ransomware attacks often start with a Trojan, which is malware disguised as a legitimate file that a user is tricked into opening or downloading. This is not always the case, as the notorious WannaCry worm spread unfettered by the need for any user interaction. But today, Trojans are for the most part square one in the ransomware attack paradigm. Once the Trojan has been deployed inside the organization, it immediately goes to work spreading itself and encrypting every file it comes across on the first computer it infects and then every computer it is able to get to. Usually a message is displayed on the encrypted host computer, informing the user of the attack, the amount of ransom demanded, details on how to contact the cybercriminal, and instructions on how to pay.
bottom of page
Comentários