Targeted ransomware attacks on the rise in the age of remote working
Working online has become the new normal in the wake of Covid-19, and cases of cybercrime are on the rise.
Modern cybercriminals now favor ransomware – a type of malicious software designed to damage a computer, server, network, or client – to hack their targets and block access to systems until an exorbitant amount of money is paid. Healthcare organizations, government agencies, businesses and others have been victimized.
IT security firm Sophos has published shocking results in its Ransomware Status 2021 global investigation report, revealing that the average total cost of recovery from a ransomware attack has more than doubled in one year, from $761,106 (roughly R10.75 billion) in 2020 to $1.85 million (over 26 billion rand) in 2021.
This may be closely associated with the mass movement towards remote working in the corporate world due to Covid-19 and adherence to social distancing protocols.
Paying doesn’t mean the problem is over
Global results show that although more organizations have chosen to pay the ransom, only 8% managed to recover all of their data after payment, and 29% recovered no more than half of their data.
The most common ransom payment is over R40,000, while the highest payment made among the companies surveyed was over R44 million.
“The results confirm the brutal truth that ransomware doesn’t pay off,” says Chester Wisniewski, senior researcher at Sophos.
“Although more organizations have chosen to pay a ransom, only a tiny minority of those who paid have recovered all of their data.”
In South Africa, the average cost of resolving a ransomware attack is over 6 million rand, with 24% of respondents reporting a ransomware attack in the past 12 months.
Rebuild after an attack
“Recovering from a ransomware attack can take years and is more than just decrypting and restoring data,” says Wisniewski.
“Entire systems have to be rebuilt from the ground up, then there’s the operational downtime and customer impact to consider, and so much more. In addition, the definition of what constitutes a ‘ransomware’ attack is evolving.”
Targeted ransomware appears to be the newest and most sinister type of malware.
It is getting very sophisticated, with some variants now being able to access a computer system without connecting to the Internet, making its source virtually untraceable.
The pressure of despair
The quick, profitable returns, combined with the stealth and relative anonymity of the transactions, have made this type of cyberattack increasingly attractive to criminals, according to Deloitte's Data Hostage Taking: The Ransomware Rise report.
“We have seen attackers move from generic, larger-scale automated attacks to more targeted attacks that include manual keyboard hacking,” says Wisniewski.
“Although the overall number of attacks is lower as a result, our experience shows that the damage potential of these more advanced and complex targeted attacks is much higher.
“Such attacks are also more difficult to recover from, and we are finding that this is reflected in the investigation in the doubling of the overall costs of remediation.”
No one is immune
Among its recommendations for defending against ransomware and associated cyber attacks, Sophos says individuals should assume they will be victims. No industry, country or organization is immune to risk.
“In short, it’s more important than ever to protect yourself from opponents at the gate, before they have a chance to seize and deploy their increasingly multiple attacks.”
Palesa Mofokeng is a Moneyweb intern.