Understanding the Rising Ransomware Threat and Its Causes
One of the biggest problems facing American businesses today is Ransomware. In fact, it is becoming a global threat. In 2017, a ransomware attack was launched every 40 seconds and that number has grown exponentially in 2018. What are the main reasons for this type of escalation? Why can’t law enforcement or IT experts stop the growing number of cyber-attacks?
Ransomware Trends
One of the reasons involves the latest trends. The art of ransomware is evolving. Hackers are finding new ways to initiate and pull off the cyber-attack successfully. Thieves rarely get caught. So, you have a crime that pays off big financially speaking and no punishment for the crime. The methods of attack expand almost daily. Attack vectors increase with each new breach. If cyber thieves can just get one employee to click on a malicious link, they can take over and control all the files and data for an entire company.
If you go to work in the morning and find that hackers have locked up all your data and are demanding a $2,000 payment in bitcoin, do you pay it or not? Most business owners pay the ransom. It’s easier and cheaper and it gets everyone back to work much faster. One of the major keys to this cyber-attacks success is the fact that criminals keep the ransom amounts fairly low. If you can simply pay $2,000, get all your files back and move on, then why not do so?
Contributing Factors
One of the most crucial contributing factors to this crime is the cryptocurrency revolution. If criminals had to rely on bank accounts and credit cards for payment, their crimes would soon be solved and they would be caught and placed in jail. But cryptocurrency is perfect for Internet-based crimes. It’s untraceable and that makes ransomware a practically unsolvable crime.
The five major cryptocurrencies worldwide in order of their popularity are:
- Bitcoin
- Monero
- Zcash
- Ether
- Litecoin
A recent article in The Motley Fool[1] reports that there are currently 1,658 cryptocurrencies available worldwide. That number grows each day. People love the anonymous nature of cryptocurrency. There are a growing number of questionable businesses on the Dark Web and most only accept cryptocurrency as payment. That’s because much of the sale of goods and services on the Dark Web is illegal. The only safe way to pay for illegal materials is to use a completely untraceable form of payment. The answer is cryptocurrency.
But there are other contributing factors as well:
- Social engineering
- Both known and unknown software vulnerabilities
- Poorly configured servers and workstations
Most of these vulnerabilities do have a workable solution. It’s just a matter of finding out where you are most at risk and taking steps to close up those weaknesses. A good IT managed services outfit can assess your current IT infrastructure and make recommendations for improving it. Consider it an investment in your company’s future.
It would be nice to speculate that the whole world will suddenly wake up and decide to be honest and upright in all their dealings; but that is not a realistic viewpoint. Instead, we must move forward with the resolve to create and support global internet police agencies who have the power to track down and arrest cyber-criminals. When there’s no punishment for a crime, it’s a proven fact that it will increase and even flourish.
What Can You Do As a Business Owner?
Knowing that all these things are true and things are not going to just suddenly get better, you have to ask yourself how you can protect your company from cyber thieves. The number one way that all security experts agree on is better employee training. Thieves most often trick an employee into clicking on a bad link. The human factor is the weakest link in the cyber-security chain.
But the good news is that training your employees doesn’t have to be expensive or time consuming. Ask a local security expert to come out once a month and address all your employees. The experts can educate everyone about the latest cyber threats. They can share helpful information about what phishing scams are and how to spot a suspicious email. If you don’t have the budget for it, you could even ask the security expert to do his talks on YouTube and then send links to everyone in your organization. Make watching these security briefs mandatory for all employees.
There are plenty of good resources online now about cyber theft and best practices for cyber security. If you can afford to have a local IT guru come out quarterly and speak to employees about Internet security, this will reinforce what employees have already learned.
Head in the Sand?
The problem with many organizations today is that their leaders are living in a bubble. They think ransomware attacks only happen to other people. They don’t really think they will ever be a victim of a cyber-crime. This isn’t true. Statistically speaking, your company will eventually get caught in the web that cyber thieves weave. The question is not “whether” your company will be a target, but “when” this will occur. The best course of action is simply to prepare for it.
- Educate your employees.
- Hire the best IT experts you can afford to test your network.
- Spend the money on whatever new improvements are needed to fortify your IT infrastructure.
- Make sure all software and hardware is patched and up-to-date.
Sadly, the Crypto Crime Wave is backed by huge communist governments. These countries are earning billions of dollars each year by stealing data from businesses, hospitals, charitable organizations, individuals or whoever falls prey to their scams. They sell the information online and there are always plenty of buyers for this type of data.
However, knowledge is power. Now that you know a few things about ransomware attacks and what you can do to stop them, take action! Don’t wait around until you get that awful message on your computer screen that says:
“You’ve been Hacked! Your files are frozen. Here’s what you need to do to get your computer access restored!”
Don’t wait for that day to come. Take action now to protect your company from the threat of ransomware, malware, and all the other forms of internet piracy. When business owners become more proactive about their internet security, the threat of these attacks should start to diminish. Today, American businesses are making it all too easy for cyber criminals to succeed. But as company owners become more savvy, these criminals will find it harder to earn a living stealing.
[1] https://www.fool.com/investing/2018/03/16/how-many-cryptocurrencies-are-there.aspx