Today, cybercrime is big business. Attackers understand the world we live in. They understand how law enforcement and standard cyber defenses operate, and like most inhabitants of the wild - they have learned to mutate and adapt to ensure their survival.
One of the more prominent examples of this survival adaptation is seen in the rising uptick in ransomware cyberattacks.
What is ransomware?
Ransomware is a type of malware that uses encryption to remove a data owner’s access - enabling an attacker to hold the data hostage until the data’s owner pays the ransom. In most cases, the attacker will decrypt the files back once the requested payment is received without further harm to the organization.
How is ransomware different today?
Ransomware has a long and storied past. It has successfully moved from its humble beginnings on 5¼ floppy disks -utilizing simple trickery and deception - to outright extortion leveraging advanced cryptographic techniques. According to a recent research report by Palo Alto Networks, the average payment following a ransomware attack in 2020 increased by 171% to $312,493 compared to $115,123 in 2019.
Essentially, cybercriminals have realized that instead of having to fence stolen foods, it is more effective for them to simply extort end users and corporations directly. So much so, that they have shifted from targeting users at random to strategically targeting business users with access to valuable data.
Why are ransomware attacks on the rise?
When you have a highly successful form of attack that relies on a combination of human error and technical strength, criminals will figure out a way to use it to make money. And if you compound that reality with the reality of today’s hyperconnected world you have concocted the perfect recipe for a ransomware attack.
Interconnectivity: COVID-19 and Remote Work
With the business world going increasingly remote due to the COVID-19 pandemic, attack surface size – the sum of the different points where an unauthorized user can try to enter or extract data from an environment – has significantly increased.
Ease of Payment Exchange: Cryptocurrency
The global accessibility and widening popularity of cryptocurrency provides near instant monetary gain and little to no traceability. Unlike more traditional hacking campaigns where the attacker must break into the target machine(s), exfiltrate the desired data, find a buyer for that data, negotiate a deal, and process the payment - ransomware attacks yield faster results for attackers.
Luckily, companies like CipherTrace, a Mastercard company, exist to provide businesses with greater transparency to help identify and understand their risks and to help manage their digital asset regulatory and compliance obligations across 7,000+ cryptocurrency entities.
Low Effort Attack Methods: Criminal Information Sharing
Success begets success. The more successful a ransomware attack method becomes the more likely it is shared amongst cybercriminal groups and across the dark web for further duplication and mutation. Essentially, the relative ease of carrying out an attack and securing a payout makes ransomware an attractive option for cybercriminals. Thus, widening the door for more criminals, regardless of their skill level to utilize ransomware-style attacks.
Ransomware and third-party risk management
Other people’s bad decision-making could put your organization at risk. With ransomware attackers hyper-focused on business users with access to critical, high-value data it’s important to properly vet and digitally monitor the vendors and service providers that your organization does business with.
Managing vendor risk can seem like an impossible task given the gravity and the complexity of today’s landscape. But the key lies in having greater visibility into your digital supply chain, knowing who poses the greatest risk to your organization, and being prepared to act timely on that risk.
How can businesses stay protected?
Cybersecurity is about understanding, managing, and mitigating the risk of critical data being disclosed, altered, or denied access to. And in the case of ransomware protection, it’s not a one-time investment, but rather a continuous monitoring process.
Traditional antivirus or endpoint security will only tackle known ransomware. Thus, it’s imperative to deploy solutions with highly accurate, continual vulnerability detection so you can confidently and quickly act on risks before they can be exploited by ransomware.
How can Mastercard help combat ransomware?
Continuous risk monitoring solutions like RiskRecon provide highly precise cybersecurity ratings and insights that shed light on the “known good” and “known poor” reality of an organization’s cyber hygiene and subsequent risk management performance. Using both ‘A to F’ and ‘1 to 10’ grading scales, RiskRecon non-invasively scans the internet-facing profiles of a given organization, automatically assesses its asset value, and prioritizes such findings so higher-risk vulnerabilities can be remediated first.
Ultimately, companies that measurably demonstrate good cybersecurity risk management practices have much lower rates of bad outcomes and susceptibility to cyberattacks such as ransomware. Based on an analysis of RiskRecon’s ratings and ransomware events occurring across 118,000 companies, companies in the “F” and “D” rating tiers have a blended rate of 16.6 times higher ransomware event frequency than do companies in the “A” rating tier. Hence, the necessity of technologies like RiskRecon.
To learn more about RiskRecon’s platform and how you can get the most out of it, schedule a demo today.