News reports recently have shown that ransomware attacks are rising at a rapid pace. Many may wonder why this is. Ransomware-as-a-Service (RaaS) is a new take on a get rich quick scheme that hackers have devised. This scheme allows them to get paid for very little work and almost as little risk. This business model has grown among cyber-criminal organizations, utilizing modern marketing and corporate strategies to lead their “customers” to choose their ransomware services among the many to choose from on the Dark Web.
As Kaseya recently learned, it is becoming easier for hackers to plant their malicious code and then let someone else do the dirty work of sending it out to infect other systems. In Kaseya’s case the hackers broke into the “mothership” of a popular software management tool and planted their malicious code. Then without knowing it the “mothership” distributed that code to many of its customers. This left hundreds of systems infected by the ransomware and companies trying to recover their data.
The ransom demands for this Kaseya attack were over $70 million dollars. Earlier this year the same hackers are believed the be responsible for the oil pipeline and the JBS meat packing industry shutdowns. Both of which were hacked by ransomware and costs millions of dollars to get back up and running. These costs will be passed on to consumers leaving everyone to pay the price. While many in government believe the Russians are behind these cyber-attacks. Specifically, a group calling themselves REvil, a Russian based hacker group believed to be responsible for many cyber-attacks recently.
The costs of recovery after a ransomware attack is often than 10 times the ransom paid in most cases, according to Sophos Research in an article for Forbes. The costs of technical advances have shown us the downside of it as well. While many of us rely on our computers and other devices, they also come with a vulnerability that no typical security officer can protect them from. With crypto currency helping keep attackers anonymous and avoid the reporting problems that come with using traditional banks, cyber attacks are only going to keep rising.
Therefore, we must keep our Sophos endpoint and server protections up to date and in place and all our devices encrypted or protected in some way. Carbonite cloud storage and/or back-up hard drives are crucial to keeping these attacks from being devastating to a business. A company who can restore their files from a continuously updated back-up drive will recover from a cyber-attack much better than one who does not keep back-up drives. And finish that with a good Barracuda firewall to keep unknown entities from getting into a system in the first place. These services and more are available to help offer more protection to a company’s data.
Since the cyber world is one that is constantly evolving and developing new ways to both be protected and infected. Programmers on both sides of the issue work hard each day to outwit one another. So the next time you feel like your wasting extra time on two factor authentication, or proving your not a robot, remember its for your data’s protection. These steps and many others can be used to keep protection levels high. A business needs these protections more than most, to keep its customers safe and their information private. Contact us today to see if your business and data are protected.
